Listed in order of importance, with control number 1 being the most important.
- Verify for security early and often.
- Parameterize queries.
- Encode data.
- Validate all inputs.
- Implement identity and authentication controls.
- Implement appropriate access controls.