michael howard, a senior security program manager at Microsoft, wrote an article discussing how to develop secure source code by using the right analysis tools and experts and how to reduce risks using fuzzing and threat modeling; the article invite us to check the application’s inputs and to learn the security concepts
the article talks about the habits that any developer must have in aim to get a final, secure and efficent product :
habit #1: taking responsibility
habit #2: never trust Data
habit #3: model threats against the code
habit #4: staing one step ahead
habit #5: fuzzing.
habit #6: do not write insecure code
habit #7: recognizing the strategic asymmetry
habit #8: use the best tools
the article is available in the MSDN magazine, here .