I would like to thank everyone who came out for the Microsoft/Compuware Application Level Security Best Practices workshop. We kick things off by discussing the common application vulnerabilites that developers need to be aware of and how Compuware’s DevPartner SecurityChecker product can help you analyze and combat those vulnerabilities.

As promised, here is the slide deckfrom the event as well as a few resources to point out to help you on your quest of becoming a secuirty conscious developer.

Slide deck: WritingSecureCode.zip

Resources:

• Microsoft Security Developer Center
• Application Threat Modeling
• Microsoft Developer Security Resource Kit
• Book: Writing Secure Code, Second Edition

Tools:

• Microsoft Threat Analysis & Modeling v2.0 BETA2
• Microsoft Anti-Cross Site Scripting Library V1.0

Blogs:

• Michael Howard’s Blog
• Microsoft’s ACE Team
• Dan Seller’s Blog