Welcome to MSDN Blogs Sign in | Join | Help

New MCSD Electives

We're about to launch two new electives for the MCSD certification. 70-330, Implementing Security for Applications with Microsoft Visual Basic .NET and 70-340, Implementing Security for Applications with Microsoft Visual C# .NET. (These exams should be in beta in April.)

These are the first MCSD electives that aren't based on a server product. One of the challenges facing Microsoft is that the perceived security of our platform depends on the security knowledge of the folks who build applications. If application X running on top of .NET gets hacked, it shows up in the press as “.NET application vulnerable.” It's perceived as an issue with the platform, even when the problem is specific to the application.

It's our job to fix this, and we'll do fix it by educating developers who are building the applications. It's good for us, because we want our customers to be successful. It's good for our customers, because they are secure. And it's good for developers, because they can sleep more soundly.

In the public events we're running at the moment, we're doing all security content. We also have some great guidance on how to build secure applications, including books like Building Secure ASP.NET Applications and Improving Web Application Security: Threats and Countermeasures. It's great to see the MCP team supporting us by encouraging developers to get security certified.

I would love to see the MCP program go to the next step and create an MCSD + Security along the same lines as the MCSE + Security credential for IT pros. I don't know their plans, but I'll be lobbying for this next time I see anyone on that team!

Published Saturday, March 13, 2004 2:02 PM by gsnowman
Filed under:

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

# re: New MCSD Electives

Saturday, March 13, 2004 3:53 PM by Lorenzo Barbieri
Great news... I'm very happy about that!

# re: New MCSD Electives

Saturday, March 13, 2004 4:04 PM by Jonathan Cogley
Awesome. I have been reviewing the study guide for the Visual C# for Web Application exam and had been wondering about the elective to pick. I should be all set with this one after DevDays!

I actually came across a vendor's ASP site the other day that was susceptible to SQL injection using the exact script from DevDays to reveal tables, columns, etc - I refrained from DROP/DELETE and notified the site owner. :-)

# What should I blog?

Sunday, March 14, 2004 11:50 AM by .NET Banana

# re: New MCSD Electives

Sunday, March 14, 2004 11:01 PM by Kent Tegels
You know, Geoff, its fine to say "It's our job to fix this, and we'll do fix it by educating developers who are building the applications" but I want to see MS publically commit to have 100% of their developers getting certified too. Do we create insecure apps? Yes, we do. Do Microsoft's own employees? Yes, they do too. It sometimes sounds like you are passing the security buck when you write something like this.

That said, I love the idea of MCSD+Security.

# Drastic times call for bold moves

Monday, March 15, 2004 12:14 AM by Gary Pupurs
This is a great measure to take. But honestly, certification exams still only prove you can study to take a test. There's always a large portion of active developers who never study for the tests. (This from someone who's studying for the MCSD tests. Go figure.)

Know what would be a great PR move? If Microsoft sent those two good MS Press books on security, for free, to EVERY developer who they have a current address for, and make it freely available for anyone else via an online form. Or send the MCPs (got their addresses) two books each, and tell them to give one away to a friend.

Costly? Perhaps. But so will be the next big media blitz about the latest "security hole" in .NET caused by an errant developer...

That said, I'm glad to see the continued focus on security, and will definitely look into this test once the first four are out of the way.

# re: New MCSD Electives

Monday, March 15, 2004 4:18 PM by Geoff Snowman
I couldn't agree more with Kent. In fact, Microsoft has already been spending time and money providing training on secure coding practices for everyone who works on product development - this is now mandatory for anyone who writes code for our products. I don't know if they will all go out and actually take the exam, but they have all studied the material and more.

I don't necessarily agree with Gary that we should mail the books to everyone, as that's a LOT of dead trees. They are available for free on the web at the site in the original post. I always have some copies around, so I'll try to bring some as door prizes to any event I go to.

# re: New MCSD Electives

Thursday, October 19, 2006 2:33 PM by Joe Dorini

To all MCSE's

I am a recruiter for Talent Family Inc. We only specialize in helping Microsoft Professionals get a employement with Microsoft Partners. We are nationwide but are based in Falls Church VA. Anyone that is interested in learning more or those who are interested in helping me start a User Group in the NoVA area for meetings and updates,please reply or email me at jdorini@talentfamily.com

# NET Banana New MCSD Electives | Insomnia Cure

Monday, June 08, 2009 6:18 PM by NET Banana New MCSD Electives | Insomnia Cure

PingBack from http://insomniacuresite.info/story.php?id=9590

Leave a Comment

(required) 
required 
(required) 

  
Enter Code Here: Required
 
Page view tracker