cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
va
Newcomer II

Secure Coding Practices for a Cloud Application

Hello,

Was not sure if i chose the right location for this post.. so apologies in advance if i have to recategorize this post.

I am trying to locate resources (standards, checklists etc.) which will help accessing the security posture of a Cloud Based Application. There is OWASP and other standard resources but what if the application is not a web based application hosted on a cloud provider but a Integration based application running as PaaS. There is no front end but a lot of data manipulation. In such a scenario are we just limited to looking for PII data that is being extracted, transformed and moved around. Do we have to look at any other aspect of "Secure Coding Practices" that are being violated. If any member can share their experience, would greatly appreciate it.

Thanks

vishu

1 Reply
Caute_cautim
Community Champion

@vaI had an initial cast around and found this - which may give you some thoughts and principles to apply:

 

https://www.ibm.com/cloud/garage/architectures/securityArchitecture/implement-secure-devops

 

Regards

 

Caute_cautim