S. Somasegar is the corporate vice president of the Developer Division at Microsoft. Learn more about Somasegar.
Security continues to be at the fore front of every application developer’s mind. I constantly get asked by our customers for more information and help (tools, code samples, prescriptive guidance) around building high-secure applications and services.
The Patterns and Practices team recently drove an effort partnering with several security experts in the community. The main reason for this effort is to create a suite of modular, task-based security code samples and to create a reusable code example template for making these more useful. The net result is a set of organized, security code samples to supplement the existing PAG security guidance. These code snippets are hosted here as part of Channel 9 on MSDN.
We do have code samples on a variety of topics including administration, auditing and logging, authentication and user management, authorization, communications, configuration management, cryptography, database connectivity, exception management, input and data validation, i/o, registry, session management and web services.
J.D. Meier, who is a part of the Patterns and Practices team, wrote a good blog recently on this. The initial feedback from our customers has been quite positive. If you have any additional feedback, do let the team know.