Security Fundamentals
Before you can effectively develop secure applications, you must posses a fundamental understanding of security concepts and the security features of the platforms for which you develop. You should also have an understanding of secure coding techniques.
Understanding Security
- Securing Applications
Describes .NET Framework code access security, role-based security, security policy, and security tools. - An Overview of Security in the .NET Framework
Profiles the fundamental features in the Microsoft .NET Framework security system. - The Ten Immutable Laws of Security (https://www.microsoft.com/technet/columns/security/essays/10imlaws.asp)
Discusses real security problems that are not the result of product flaws.
Coding for Security
Most coding errors that result in security vulnerabilities occur because developers make invalid assumptions when working with user input or because they do not fully understand the platform for which they are developing.
- Secure Coding Guidelines for the .NET Framework
Describes the security system, discusses the security issues you might need to consider in your code, and provides guidelines for classifying your components to address security issues. - Compiler Security Checks
Discusses buffer overruns and the complete picture of the Microsoft Visual C++ .NET security checks feature provided by the /GS compile-time flag. - Security Tutorial
Discusses .NET Framework security and shows how to modify security permissions in C#.