Monday, February 14, 2005

Writing Secure Code

.NET Security or Writing Secure Code in .NET is my one of new found interests as far technical stuff is concerned. I had already delivered a couple of presentations on this as well.
A lot of people are usually un-aware of secure coding or lack skills in this domain. Another thing worth mentioning here is that we usually dont get to see a lot of text available on this either. I have came across a couple of very good books on secure coding on Microsoft Platform. One is "Writing Secure Code" (2nd Ed) , I got this book from INETA quarterly kit and this is an awesome resource on secure coding. This book doesnt target .NET rather its a general guidance for Windows Developers, it has a chapter dedicated to .NET. This book also contains an excellent work on "Buffer Overflow" problems and rates Buffer Overflows as Number One Enemy!.

The second book that i have on security is specifically for .NET people and i tell you that its a must read for any serious developer, this book is titled as "Security for Visual Basic .NET" .Although the name might suggest that this book specifically targets Visual Basic .NET but i always read it as language independent source for secure coding apis and concepts.

Another good book that I have come across is "The .NET Developers Guide to Windows Security" ( but i dont own this book) , this book is available as a wiki by Kieth Brown at I havent read too much of it though, but i still find this book well written and comprehensive resource for .NET Security.

No comments: