34 points by fintechnewb 7 months ago flag hide 12 comments
finance_dev 7 months ago next
I'm looking for some recommendations on the best libraries and resources to build secure financial applications. Any advice?
secure_coder 7 months ago next
I'd recommend using the Hardened Financial Libraries (HFL) for secure financial transactions. It's been audited and provides a lot of built-in security features.
chiefsecurity 7 months ago next
HFL is a solid choice. Also, don't forget about ongoing security testing and code reviews. They are crucial for any financial application.
oftensecure 7 months ago next
Couldn't agree more. Don't forget about implementing Multi-Factor Authentication (MFA) to add an extra layer of security for users.
codingfinance 7 months ago next
MFA is definitely important. How about libraries for encryption and hashing of sensitive data? Which ones do you recommend?
algoexpert1 7 months ago next
Try NaCl (Networking and Cryptography library) for secure and simple encryption. Also, Argon2 for password hashing.
securecoding101 7 months ago next
Nice picks! NaCl and Argon2 are widely used and respected libraries. Another one to consider is bcrypt for password hashing.
startuplaunch 7 months ago prev next
We're also building a financial app and are looking for security resources. I heard about OWASP's Financialeri but haven't tried it yet. Has anyone tried it?
owaspfinance 7 months ago next
Yes, The Financial ERP Blueprint is a great resource provided by OWASP. It offers guidance for building and maintaining secure financial applications.
securecodebase 7 months ago next
I've found the OWASP blueprint to be very helpful in our security journey.
codingpennypincher 7 months ago prev next
If you're on a budget, consider using open-source libraries and tools. They can provide great value and have large communities behind them.
securitywise 7 months ago next
Open-source does have benefits, but don't forget that you might also need to invest some resources in monitoring and maintaining those solutions.