I was noticing John Lam'sÂ two postsÂ this morning on .Net Security:Â Securing ASP.NET using Enterprise Services and Improving Web Application Security: Threats and Countermeasures rocks.Â These are some areasÂ that I have also been thinking about lately.Â
For the next couple of weeks, I am presenting talks on Security Coding: Best Practices toÂ the development and QA teams where I work.Â I will be presenting two parts:Â Â
Part 1 will beÂ a general best practices for security (beware user input, buffer overruns, SQL injections, etc.)
Part 2 will beÂ a .Net specific security practices (code access security, identity and principal concepts, and authenticated token usage).Â
I have been interested in securityÂ coding for the last 3-4 years and have devoted a lot of time to learning all I can.Â This will be my first time to actually present what I have learned.Â I am really looking forward to it, and I hope/plan to do more presenting on topics like these in the future.