Following are selected resources available online and in print on the subject of developing secure applications and configuring secure environments:
Microsoft Web sites
- Microsoft Security (http://www.microsoft.com/security)
Learn how Microsoft is working to help you keep your applications and systems secure, from the desktop to network-level systems, with links to security resources for IT professionals, developers, and home users.
- Security Resources on MSDN (http://msdn.microsoft.com/security)
Guides you to developer-oriented documentation, code samples, technical articles, and other resources for developing secure applications.
- Microsoft TechNet Security (http://www.microsoft.com/technet/security)
Contains pointers to the most important technical information about security for information technology professionals and "Power Users".
- Maintain Security with Windows 2000 (http://www.microsoft.com/windows2000/security)
Contains information on the latest security updates for the Microsoft Windows 2000 Operating System family.
- Maintain Security with Windows XP (http://www.microsoft.com/windowsxp/security)
Contains information on the latest security updates for the Microsoft Windows XP Operating System family.
- Maintain Security with Windows NT (http://www.microsoft.com/ntserver/security)
Contains information on the latest security updates for the Microsoft Windows NT Server.
Other Web sites
- The CERT Coordination Center (http://www.cert.org)
CERT is a center of Internet security expertise, studying security vulnerabilities, publishing security alerts, and developing information and training to help you improve security at your site.
- NTBugTraq (http://www.ntbugtraq.com)
Discusses security bugs and exploits found in Microsoft Windows and related products.
Microsoft Press Books
- Bott, Ed and Siechert, Carl. Microsoft Windows Security Inside Out for Windows XP and Windows 2000. Redmond, WA: Microsoft Press, 2002.
- Howard, Michael and LeBlanc, David. Writing Secure Code, 2d edition. Redmond, WA: Microsoft Press, 2002.
- Internet Security Systems, Inc. Microsoft Windows 2000 Security Technical Reference. Redmond, WA: Microsoft Press, 2000.
Bock, Jason, et al. .NET Security. Berkeley, CA: Apress LP, 2002.
Brown, Keith. Programming Windows Security. New York, NY: Addison Wesley Longman, Inc., 2000.
Curtin, Matt. Developing Trust: Online Privacy and Security. Berkeley, CA: Apress LP, 2001.
LaMacchia, Brian, et al. .NET Framework Security. New York, NY: Addison Wesley Longman, Inc., 2002.
Peikari, Cyrus and Fogie, Seth. Windows .Net Server Security Handbook. New York, NY: Prentice Hall PTR, 2002.
Schneier, Bruce. Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition. New York, NY: Wiley, John & Sons, Inc., 1995.
Seven, Doug, et al. ASP.NET Security. Birmingham, UK: Wrox Press, 2002.