Rodin 8a94a08511 Add supply-chain, deserialization, cryptography, error-handling patterns
Now covers all OWASP Top 10:2025 categories:
- A03: supply-chain.md (SolarWinds, Bybit, npm worm examples)
- A04: cryptography.md (algorithm recommendations, key management)
- A08: deserialization.md (pickle, yaml, language-specific risks)
- A10: error-handling.md (fail closed, error messages)
2026-05-10 22:48:39 -07:00

Security Patterns

Scannable patterns for security code review. Each file has:

  • Rule — what to do
  • Correct Pattern — code that works (Python)
  • Incorrect Pattern — common mistakes
  • Edge Cases — gotchas

Based on OWASP Top 10:2025 and recent security research.

Patterns

Fundamentals

File                    Topic                                              OWASP 2025
secure-defaults.md      Fail closed, deny by default, defense in depth     A06
input-validation.md     Allowlist > blocklist, validate at boundaries      A03
credential-handling.md  No hardcoded secrets, environment/secret manager
audit-logging.md        What to log, what not to log                       A09
error-handling.md       Fail closed, no sensitive info in errors           A10

Identity

File                    Topic                                                        OWASP 2025
authentication.md       Passwords, tokens, MFA, brute force protection               A07
authorization.md        Permission checks, IDOR prevention, privilege escalation     A01

Attack Prevention

File                      Topic                                                      OWASP 2025
injection-prevention.md   SQL, command, template, path traversal                     A05
dos-prevention.md         Rate limiting, resource bounds, algorithmic complexity
prompt-injection.md       LLM security, data/instruction separation
deserialization.md        Untrusted data deserialization, pickle, yaml               A08

Infrastructure

File                    Topic                                              OWASP 2025
supply-chain.md         SBOM, dependency scanning, signed packages         A03
cryptography.md         Strong algorithms, key management, TLS             A04

OWASP Top 10:2025 Coverage

#     Category                                        Pattern
A01   Broken Access Control                           authorization.md
A02   Security Misconfiguration                       secure-defaults.md
A03   Software Supply Chain Failures                  supply-chain.md
A04   Cryptographic Failures                          cryptography.md
A05   Injection                                       injection-prevention.md
A06   Insecure Design                                 secure-defaults.md
A07   Authentication Failures                         authentication.md
A08   Software or Data Integrity Failures             deserialization.md
A09   Security Logging and Alerting Failures          audit-logging.md
A10   Mishandling of Exceptional Conditions           error-handling.md

Sources

Usage

Reference these patterns when building or reviewing systems. Code examples are in Python for universal model comprehension; concepts apply to any language.

Description
Security patterns for code review — credentials, validation, injection, DOS, prompt injection