rodin/security-patterns
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
647928a0a1bb9d0ef96ea649f80d21c8dd7a0441
security-patterns/README.md
T
Rodin 647928a0a1 Initial commit: 9 security patterns for code review 
Fundamentals: secure-defaults, input-validation, credential-handling, audit-logging
Identity: authentication, authorization
Attack Prevention: injection-prevention, dos-prevention, prompt-injection
2026-05-10 22:45:03 -07:00

45 lines
1.7 KiB
Markdown
Raw Blame History

# Security Patterns
Scannable patterns for security code review. Each file has:
- **Rule** — what to do
- **Correct Pattern** — code that works (Python)
- **Incorrect Pattern** — common mistakes
- **Edge Cases** — gotchas
## Patterns
### Fundamentals
| File | Topic |
|------|-------|
| [secure-defaults.md](secure-defaults.md) | Fail closed, deny by default, defense in depth |
| [input-validation.md](input-validation.md) | Allowlist > blocklist, validate at boundaries |
| [credential-handling.md](credential-handling.md) | No hardcoded secrets, environment/secret manager |
| [audit-logging.md](audit-logging.md) | What to log, what not to log |
### Identity
| File | Topic |
|------|-------|
| [authentication.md](authentication.md) | Passwords, tokens, MFA, brute force protection |
| [authorization.md](authorization.md) | Permission checks, IDOR prevention, privilege escalation |
### Attack Prevention
| File | Topic |
|------|-------|
| [injection-prevention.md](injection-prevention.md) | SQL, command, template, path traversal |
| [dos-prevention.md](dos-prevention.md) | Rate limiting, resource bounds, algorithmic complexity |
| [prompt-injection.md](prompt-injection.md) | LLM security, data/instruction separation |
## Sources
- [OWASP Cheat Sheet Series](https://cheatsheetseries.owasp.org/)
- [OWASP Top 10](https://owasp.org/Top10/)
- [OWASP LLM Top 10](https://owasp.org/www-project-top-10-for-large-language-model-applications/)
- [CWE (Common Weakness Enumeration)](https://cwe.mitre.org/)
## Usage
Reference these patterns when building or reviewing systems. Code examples are in Python for universal model comprehension; concepts apply to any language.
Reference in New Issue View Git Blame Copy Permalink