Robert Hurlbut Blog

Thoughts on Software Security, Software Architecture, Software Development, and Agility

Secure Coding: Best Practices

Friday, September 5, 2003 Comments

 .NET  ArchitecturePatterns  ASP.NET  COMPlus EnterpriseServices  Security 
Share:   Share on LinkedIn    Share on Twitter    Share on Facebook   

I was noticing John Lam's two posts this morning on .Net Security: Securing ASP.NET using Enterprise Services and Improving Web Application Security: Threats and Countermeasures rocks. These are some areas that I have also been thinking about lately.

For the next couple of weeks, I am presenting talks on Security Coding: Best Practices to the development and QA teams where I work. I will be presenting two parts:

Part 1 will be a general best practices for security (beware user input, buffer overruns, SQL injections, etc.)


Part 2 will be a .Net specific security practices (code access security, identity and principal concepts, and authenticated token usage).

I have been interested in security coding for the last 3-4 years and have devoted a lot of time to learning all I can. This will be my first time to actually present what I have learned. I am really looking forward to it, and I hope/plan to do more presenting on topics like these in the future.

Share:   Share on LinkedIn    Share on Twitter    Share on Facebook