8 Simple Rules For Developing More Secure Code
While surfing the Web, I came across the following article written by Michael Howard. The article really resonated for me because it covered the following
points:
- Using analysis tools and experts to review your code (which can be accomplished with tools such as FxCop, AppVerifier and PREfast)
- Reducing risk using fuzzing and threat modeling (the ACE team has written a great threat modeling tool that I demoed at the Toronto ISC2 conference recently)
- Keeping bad input out of your applications
- Learning all you can about security concepts
It's a good read. Check out the article here:
http://msdn.microsoft.com/msdnmag/issues/06/11/SecureHabits/default.aspx
Are you interested in writing a post on this blog? Contact me here and I'd be glad to review and put up your security oriented article. Cheers!
