The Developer Highway Code

If you follow my blog you know one of my favortie books is "Writing Secure Code" from Michael Howard. Another good book written by a fellow Microsoftie is "The Developer Highway Code". Written by Paul Maher, this handbook captures and summarises the key security engineering activities that should be an integral part of your software development processes.

The book introduces several concepts for secure coding, including:

• Identifying security objectives
  
• Applying design guidelines for security
  
• Threat modelling
  
• Security architecture and design reviews
  
• Security code reviews
  
• Security deployment reviews
  

The nice thing is that Microsoft has made this freely available as a PDF download from their UK MSDN site. You can download it here.

Happy reading!