I was looking recently for some sort of guideline that would help me ensure that code was securely written. I stumbled upon the CERT standards, of which there are few, but one that seemed interesting was this one on Oracle and Java. I thought this first standard was a great explanation of good and bad code that you could use for this particular problem.
I looked for something similar from Microsoft. I found this, which seems more like a random collection of links that don’t teach, or lead, anyone through the ideas of how to write better code.
In some ways, Microsoft has produced a microcosm of the Internet. A mish mosh of lots of information with no organization applied at all.
Filed under: Blog Tagged: security, software development, syndicated