Writing secure code is by no means an easy task, and it begins well before the first loop is written. To get anywhere near bullet-proof code, developers (including architects, auditors, engineers and managers) have to try to imagine everything that may possibly go wrong, and more. It is, of course, impossible to anticipate each and every one of the nasties attackers may come up with, but developers have to do their best to plug holes, reduce attack surfaces and generally protect code against potential breaches. Here are some of the top tips for producing increasingly secure code.

Rigorous Input Testing

Attackers can and will find any 'doors' left open by code to get into users' machines. Software that accepts input via the Internet is particularly at risk of letting someone sneak something in. Testing the structure and size of all incoming data, and not trusting anyone at any time, is the only secure solution. It may be time-consuming, tedious and exhausting, but it must be done to ensure security.

Storing Necessities Only

Programmers often act like obsessive hoarders and store anything that may someday come in handy. While this may one day assist in debugging software, it also leaves a long and winding data trail that can be found by any hungry data thief. Storing only the bare essentials saves time, money and disc space, as well as offering a much smaller target to thieves.

Adding Hurdles

Passwords are doubtless of value, but even long strings of characters can and will eventually be cracked. Adding hurdles such as N-factor authentication, cryptographic key hardware and/or IP address tracking will greatly increase security. It may be cumbersome and potentially expensive, but it's well worth it.

Negotiating Requirements

When discussing features, the potential risk each requirement may add should be carefully considered. A slick feature may look great, but could open the door to countless security breaches. It is better to forgo a cute feature than to deal with the aftermath of a security breach.

Adding Delays to Code

Attacks are often based on brute force. Bots often attempt to screen-scrape a database with millions of successive queries. Others may try trillions of password variations until stumbling across the right combination of characters. Progressive delays help to stop bots in their tracks. This may involve doubling delays after each incorrect password entry, or limiting queries from single IP addresses.
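The doubling delay described above, as an added example that is not part of the original article. The class name, the `verify` callback, the one-second base and the cap are assumptions chosen for illustration; the key can be an account name or a client IP address.

```python
import time


class ProgressiveDelay:
    """Doubles the enforced wait after each consecutive failure for a key."""

    def __init__(self, base=1.0, cap=900.0, clock=time.monotonic):
        self.base = base      # wait after the first failure, in seconds (assumed value)
        self.cap = cap        # upper bound, so a legitimate user is never locked out forever
        self.clock = clock    # injectable time source, so the logic can be tested
        self._state = {}      # key -> (consecutive failures, blocked-until timestamp)

    def retry_after(self, key):
        """Seconds the caller must still wait; 0.0 means an attempt is allowed."""
        _, blocked_until = self._state.get(key, (0, 0.0))
        return max(0.0, blocked_until - self.clock())

    def record_failure(self, key):
        """Register a failed attempt and return the new wait in seconds."""
        failures, _ = self._state.get(key, (0, 0.0))
        failures += 1
        # Bound the exponent so a very long failure streak cannot overflow.
        delay = min(self.cap, self.base * 2 ** min(failures - 1, 32))
        self._state[key] = (failures, self.clock() + delay)
        return delay

    def record_success(self, key):
        """A successful login resets the failure streak for this key."""
        self._state.pop(key, None)


def attempt_login(throttle, key, password, verify):
    """Return (ok, wait_seconds). `verify` stands in for a real password-hash check."""
    wait = throttle.retry_after(key)
    if wait > 0:
        # Reject without checking the password, so guesses made during the
        # delay tell the caller nothing, not even when the guess is correct.
        return False, wait
    if verify(password):
        throttle.record_success(key)
        return True, 0.0
    return False, throttle.record_failure(key)
```

In a real service the state would live in a shared store with expiry, and throttling by account and by IP address would normally be tracked under separate keys.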

Other measures to successfully increase security include:

Using lots of encryption
Building walls by having separate log-ins to different parts of a system
Using tested code libraries
Using internal APIs
Getting external editors to scrutinise code
Using code analysers
Imagining threats while developing code

Keeping informed of current threats and the latest discoveries will also help to write ever more secure code.