A Few Thoughts about Security
I have the privilege of attending a security conference hosted by an ISV named PATCHLINK. In preparing to speak at that conference, I was reminded again how important it is for ISVs too prioritize security in the as part of the complete development lifecycle. All to often security concerns are completely ignored or only considered in the testing phase. Often I have heard ISVs articulate the belief that their 'Line of Business application' could not possibly constitute a security risk.
Sadly these assumptions and actions all too often lead to big problems.
Everyone who writes software needs to consider security at every point in the development lifecycle.
Here are some great resources that will help get you started on the right track.
http://msdn.microsoft.com/security/sdl
http://msdn.microsoft.com/library/en-us/dnvs05/html/vs05security.asp
Have Fun!
W^3
