One of the biggest requests from our customers is for us to share what we have learnt and know about writing secure software with developers around the world.  Our Patterns and Practices team has done just that.  Here is the index to the security guidance. 

The Patterns and Practices team partnered with teams in the Developer Division, Microsoft internal security experts, customers and industry security experts to bring you security guidance for .NET Framework 2.0.  Microsoft customers can find the guidance under the patterns and practices brand, available for free on MSDN.  Here is the index to the .NET 2.0 Security Guidance.   

Previous customer feedback has told us that it is important for the security guidance to be easy to use, actionable, and tied in to the tools.  We’ve responded by creating modular guidance that can be accessed via multiple entry points each tuned to specific customer scenarios.  We have also provided indexes and views to provide multiple entry points into the security guidance.  These have been tuned for specific customer scenarios.  The Patterns and Practices security guidance is now integrated into MSF Agile/VS 2005.  Tight integration with the IDE helps to make security a seamless part of the development experience and serves to deliver our guidance directly to the developer’s desktop. 


We have got some great customer reaction and feedback to this guidance.  If you have other feedback on this, I would love to hear from you.