Secure Coding: Best Practices

I was noticing John Lam's two posts this morning on .Net Security:  Securing ASP.NET using Enterprise Services and Improving Web Application Security: Threats and Countermeasures rocks.  These are some areas that I have also been thinking about lately. 

For the next couple of weeks, I am presenting talks on Security Coding: Best Practices to the development and QA teams where I work.  I will be presenting two parts:  

Part 1 will be a general best practices for security (beware user input, buffer overruns, SQL injections, etc.)

and 

Part 2 will be a .Net specific security practices (code access security, identity and principal concepts, and authenticated token usage). 

I have been interested in security coding for the last 3-4 years and have devoted a lot of time to learning all I can.  This will be my first time to actually present what I have learned.  I am really looking forward to it, and I hope/plan to do more presenting on topics like these in the future.

Published Friday, September 05, 2003 2:03 PM by RHurlbut
Filed under: , , , ,

Comments

Saturday, September 20, 2003 9:10 AM by TrackBack

# Security Talk, Part 1

Sunday, September 28, 2003 9:14 AM by TrackBack

# Security Talk, Part 1 continued

Sunday, September 28, 2003 9:24 AM by TrackBack

# SQL Server Security: SQL Injection

Sunday, September 28, 2003 1:32 PM by TrackBack

# Dewayne Mikkelson and his Radio WebDog, Shadow: Sunday, September 28, 2003

Dewayne Mikkelson and his Radio WebDog, Shadow: Sunday, September 28, 2003
Saturday, January 17, 2004 3:33 PM by TrackBack

# Speaking to Boston C# Users Group on Secure Coding: Best Practices