8 simple rules for developing secure source code
Michael Howard, a senior security program manager at Microsoft, authored an article on developing secure source code. He emphasizes the importance of using the right analysis tools and expertise, while also discussing methods to reduce risks through fuzzing and threat modeling. The article encourages readers to verify application inputs and to understand key security concepts. It outlines essential habits for developers aiming to produce a secure and efficient product:
Habit #1: Take responsibility.
Habit #2: Never trust data.
Habit #3: Model threats against the code.
Habit #4: Stay one step ahead.
Habit #5: Utilize fuzzing.
Habit #6: Avoid writing insecure code.
Habit #7: Recognize strategic asymmetry.
Habit #8: Use the best tools.
The article is available in MSDN Magazine.