mailing list archives
Re: Suggested Security and Performance Programming Classes
From: "K. K. Mookhey" <cto () nii co in>
Date: Wed, 28 Apr 2004 18:05:19 +0530
For the specific platforms that you have listed out, the following documents
would be most useful:
1. Threats and Countermeasures
2. Building secure ASP.NET applications
3. SQL Security
www.sqlsecurity.com, of course.
For general secure programming, there are a number of good references:
Secure Programming Howto: www.dwheeler.com
Writing Secure Code, Michael Howard, MS Press
As for training, there are a number of companies that provide training on
secure programming, including ours. I guess you could find a listing on
www.networkintrusion.co.uk or Google for it.
K. K. Mookhey
Network Intelligence (I) Pvt. Ltd.
Security Consulting Services
----- Original Message -----
Over the past few months I have been using my knowledge gained
throughout the securityfocus.com lists to heighten the awareness of how
web based application security vulnerabilities (SQL Injection, Cross
Site Scripting etc..) can be. In response to this awareness the CIO
asked that I research to determine if there are any commercially available
books and/or training classes that specialize in teaching these lessons
to our development staff. He has also asked if I could research to
determine if there are any suggested training and/or books that are good
for coding for performance.
Development platform: C#, ASP.net, SQL server 2000.