Security tools in VS.NET 2005

http://www.eweek.com/article2/0,1759,1734871,00.asp

From the article:

"The .Net Framework and Visual Studio .Net provide developers with the necessary tools and information to write secure applications. Managed code and the .Net Framework make writing secure applications easier ... and help developers avoid one of the largest types of security breaches—buffer overruns," Samona said.

Samona said security must be addressed in all phases of development.

"Every organization, small or large, must have an SDL (Security Design Lifecycle) in place to ensure security occurs at all relevant phases, not just at code review," Samona said. "In addition to having an SDL, organizations must provide their developers with the adequate training to write secure applications. A recent Microsoft study showed that 64 percent of developers are not confident in their ability to write secure applications. Developers should be required to attend relevant security training and become certified."