|
1 | | -# What's Next For Developers |
| 1 | +# O Que Se Segue Para Programadores |
2 | 2 |
|
3 | | -The task to create and maintain secure applications, or fixing existing |
4 | | -applications, can be difficult. It is no different for APIs. |
| 3 | +A tarefa de criar e manter aplicações seguras, ou corrigir aplicações |
| 4 | +existentes, pode ser difícil. Não é diferente para as APIs. |
5 | 5 |
|
6 | | -We believe that education and awareness are key factors to writing secure |
7 | | -software. Everything else required to accomplish the goal depends on |
8 | | -**establishing and using repeatable security processes and standard security |
9 | | -controls**. |
| 6 | +Acreditamos que educação e consciencialização são fatores chave para o |
| 7 | +desenvolvimento de software seguro. Tudo o mais necessário para alcançar este |
| 8 | +objetivo depende da **definição e utilização de processos de segurança |
| 9 | +reprodutíveis e do uso de controlos de segurança _standard_**. |
10 | 10 |
|
11 | | -OWASP provides numerous free and open resources to help you address security. |
12 | | -Please visit the [OWASP Projects page][1] for a comprehensive list of available |
13 | | -projects. |
| 11 | +A OWASP disponibiliza uma grande quantidade de recursos gratuitos e abertos para |
| 12 | +abordar a segurança. Por favor visite a [página dos projetos OWASP][1] para |
| 13 | +consulta da lista dos projetos existentes. |
14 | 14 |
|
15 | 15 | | | | |
16 | 16 | |-|-| |
17 | | -| **Education** | The [Application Security Wayfinder][2] should give you a good idea about what projects are available for each stage/phase of the Software Development LifeCycle (SDLC). For hands-on learning/training you can start with [OWASP **crAPI** - **C**ompletely **R**idiculous **API**][3] or [OWASP Juice Shop][4]: both have intentionally vulnerable APIs. The [OWASP Vulnerable Web Applications Directory Project][5] provides a curated list of intentionally vulnerable applications: you'll find there several other vulnerable APIs. You can also attend [OWASP AppSec Conference][6] training sessions, or [join your local chapter][7]. | |
18 | | -| **Security Requirements** | Security should be part of every project from the beginning. When defining requirements, it is important to define what "secure" means for that project. OWASP recommends you use the [OWASP Application Security Verification Standard (ASVS)][8] as a guide for setting the security requirements. If you're outsourcing, consider the [OWASP Secure Software Contract Annex][9], which should be adapted according to local law and regulations. | |
19 | | -| **Security Architecture** | Security should remain a concern during all the project stages. The [OWASP Cheat Sheet Series][10] is a good starting point for guidance on how to design security in during the architecture phase. Among many others, you'll find the [REST Security Cheat Sheet][11] and the [REST Assessment Cheat Sheet][12] as well the [GraphQL Cheat Sheet][13]. | |
20 | | -| **Standard Security Controls** | Adopting standard security controls reduces the risk of introducing security weaknesses while writing your own logic. Although many modern frameworks now come with effective built-in standard controls, [OWASP Proactive Controls][14] gives you a good overview of what security controls you should look to include in your project. OWASP also provides some libraries and tools you may find valuable, such as validation controls. | |
21 | | -| **Secure Software Development Life Cycle** | You can use the [OWASP Software Assurance Maturity Model (SAMM)][15] to improve your processes of building APIs. Several other OWASP projects are available to help you during the different API development phases e.g., the [OWASP Code Review Guide][16]. | |
| 17 | +| **Educação** | The [Application Security Wayfinder][2] should give you a good idea about what projects are available for each stage/phase of the Software Development LifeCycle (SDLC). For hands-on learning/training you can start with [OWASP **crAPI** - **C**ompletely **R**idiculous **API**][3] or [OWASP Juice Shop][4]: both have intentionally vulnerable APIs. The [OWASP Vulnerable Web Applications Directory Project][5] provides a curated list of intentionally vulnerable applications: you'll find there several other vulnerable APIs. You can also attend [OWASP AppSec Conference][6] training sessions, or [join your local chapter][7]. | |
| 18 | +| **Requisitos de Segurança** | Security should be part of every project from the beginning. When defining requirements, it is important to define what "secure" means for that project. OWASP recommends you use the [OWASP Application Security Verification Standard (ASVS)][8] as a guide for setting the security requirements. If you're outsourcing, consider the [OWASP Secure Software Contract Annex][9], which should be adapted according to local law and regulations. | |
| 19 | +| **Arquitetura de Segurança** | Security should remain a concern during all the project stages. The [OWASP Cheat Sheet Series][10] is a good starting point for guidance on how to design security in during the architecture phase. Among many others, you'll find the [REST Security Cheat Sheet][11] and the [REST Assessment Cheat Sheet][12] as well the [GraphQL Cheat Sheet][13]. | |
| 20 | +| **Controlos Standard de Segurança** | Adopting standard security controls reduces the risk of introducing security weaknesses while writing your own logic. Although many modern frameworks now come with effective built-in standard controls, [OWASP Proactive Controls][14] gives you a good overview of what security controls you should look to include in your project. OWASP also provides some libraries and tools you may find valuable, such as validation controls. | |
| 21 | +| **Ciclo de Desenvolvimento de Software Seguro** | You can use the [OWASP Software Assurance Maturity Model (SAMM)][15] to improve your processes of building APIs. Several other OWASP projects are available to help you during the different API development phases e.g., the [OWASP Code Review Guide][16]. | |
22 | 22 |
|
23 | 23 | [1]: https://owasp.org/projects/ |
24 | 24 | [2]: https://owasp.org/projects/#owasp-projects-the-sdlc-and-the-security-wayfinder |
|
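Review bot: In the table rows at new lines 17-21, only the bold first-column labels are translated (**Educação**, **Requisitos de Segurança**, **Arquitetura de Segurança**, **Controlos Standard de Segurança**, **Ciclo de Desenvolvimento de Software Seguro**); the description cells are still the original English text, so the Portuguese page would render in mixed language. Translate the cell bodies in this same change, or say in the commit message that they are left for a follow-up so the gap is tracked. A smaller style point: the loanword is written as italic `_standard_` in the paragraph at new line 9 but as plain "Standard" in the row label at new line 20; pick one treatment and use it in both places.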