Figuring Out Where to Start with Secure Code – ASW #358
Mike Shema
- FYI: Secure AI/ML-Driven Software Development (LFEL1012)
- FYI: Launching the 2025 State of Rust Survey
- We found cryptography bugs in the elliptic library using Wycheproof
More results from interns! And a nice update to the Trail of Bits Testing Handbook.
- Latest progress update on Microsoft’s Secure Future Initiative
Check out the details of their latest report for ideas on how to model a product security program.
- OWASP Top 10:2025 RC1 (redux)
Be sure to check out the latest OWASP ASVS, which serves as a better foundation for starting and maturing a secure coding effort.
For more practical and tactical recommendations on specific apps, check out the OWASP Cheatsheet series .







