Developer Highway Code

Recently I found myself researching security best-practises in .NET, and it led me to eventually stumble upon this book from MSDN. It’s perfect as a reminder of the processes you should be following and the kind of things you should be looking for during testing. It’s also an easy read, which says a lot considering the subject matter it covers.

The summary from their website says it all:

To build software that meets your security objectives, you must integrate security activities into your software development lifecycle. This handbook captures and summarises the key security engineering activities that should be an integral part of your software development processes.

These security engineering activities have been developed by Microsoft patterns & practices to build on, refine and extend core lifecycle activities with a set of security-specific activities. These include identifying security objectives, applying design guidelines for security, threat modelling, security architecture and design reviews, security code reviews and security deployment reviews.

It’s available as a free PDF or in paper back.

This entry was posted in Book Reviews and tagged . Bookmark the permalink.

1 Response to Developer Highway Code

  1. dan says:

    Interesting find, it’s a bit old (2007 / .NET 2.0) but still relevant and nicely laid out.
    Nice one.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s