How To: Perform a Security Code Review for Managed Code

Recently I was asked by one of my clients to do a security review of some of their code. I'm no security expert (and stated this to them) but I was still requested to do this. Having gotten this task I decided to look for lots of sources to do with security. I ended up scratching my head and use the old method of "do what feels right" , that is, try to pretend I was a hacker and see if any of the code could be compromised (lots of web services, queues etc.)

I'm not sure I did a great job, but I learned a lot. If only I had access to this article I'd be more sure of that:

How To: Perform a Security Code Review for Managed Code (.NET Framework 2.0)

(via varad)

Nov 3 How To: Perform a Security Code Review for Managed Code

Nov 3 "Ask The Pros" article about favorite .NET addins at VisualStudioHacks.Com

Oct 31 FinalBuilder is approaching version 4, and still the coolest build tool out there

Related Posts

Nov 26 Nov 26 [Review] CodeSmart.Net

Jun 10 Jun 10 Tips for Testable code and for testing legacy code

Mar 11 Mar 11 CLR Performance Q&A, and how it relates to unit testing and mock objects

Nov 26
Nov 26 [Review] CodeSmart.Net

Jun 10
Jun 10 Tips for Testable code and for testing legacy code

Mar 11
Mar 11 CLR Performance Q&A, and how it relates to unit testing and mock objects