Required Reading
The following documents and websites are required reading for any developer who wishes to contribute to the OpenFISMA project.
| Document | Description |
| --- | --- |
| OpenFISMA Development Standards | Defines standards for all areas of development, including documentation, coding, security, and more. |
| | Explains the procedures involved in developing software for OpenFISMA. |
| OpenFISMA Security Design | Explains OpenFISMA's security-in-design philosophy and system-level design to mitigate specific, well-known web application attack patterns. |
| CWE/SANS Top 25 Most Dangerous Programming Errors | Published jointly by the NIST CWE program and The SANS Institute, this document covers the 25 most commonly observed programmer errors that result in exploitable software programs. This is a very lengthy document to read in its entirety. We recommend that you bookmark the site and read one entry per day over a 25-day period in order to give yourself plenty of time to read the entire document. |
