RE: Security and Development Best Practice Guidelines for .NET Framework

[Amit Klein <Amit.Klein () SanctumInc com>]

Hi

Sanctum has a paper on the subject titled "Secure Coding Practices for 
Microsoft .NET Applications".
Download it here: 
http://www.sanctuminc.com/pdf/WhitePaper_Secure_Coding_Practices_VSdotNET.pdf

Thanks,
-Amit

> -----Original Message-----
> From: Rosado, Rafael (Rafael) [mailto:rarosado () lucent com]
> Sent: Wednesday, October 08, 2003 23:20
> To: cisspforum () yahoogroups com;security-basics () securityfocus com;
> webappsec () securityfocus com;security-awareness () yahoogroups com
> Subject: Security and Development Best Practice Guidelines for .NET
> Framework
>
>
> All List Members,
>
> I am aware of the different guidelines that have been issued
> by Microsoft
> and @stake has performed an independent evaluation of the
> .NET Framework
> under Windows 2003 Server compared to IBM's Websphere 5.0.
>
> However, I am looking for other guidelines/best practices
> that might have
> been issued by other independent parties.
>
> Any assistance in identifying these resources on the Internet
> is greatly
> appreciated.
>
> Rafael Rosado, CISSP, CISA
> Lucent Technologies
> IT Security Manager - Corporate Security
> Business Assurance and Risk Mitigation Services (B.A.R.M.S.)
> 2400 SW 145th Avenue
> Miramar, Florida 33027
> Office: 954-885-2176
> Facsimile: 954-885-3861
> Email: rarosado () lucent com
>
> This electronic mail message contains information belonging to Lucent
> Technologies, which may be confidential and/or legal privileged. The
> information is intended only for the use of the individual or
> entity named
> above. If you are not the intended recipient, you are hereby
> notified that
> any disclosure, printing, copying, distribution, or the
> taking of any action
> in reliance on the contents of this electronically mailed
> information is
> strictly prohibited. If you receive this message in error, please
> immediately notify us by electronic mail and delete this message.
>