Secure applications

You should consider security in all aspects of your application development, from design to deployment. Start by running Visual Studio as securely as possible. See User permissions.

To help you effectively develop secure applications, you should have a fundamental understanding of security concepts and the security features of the platforms for which you develop. You should also understand secure coding techniques.

Code for security

Most coding errors that result in security vulnerabilities occur because developers make incorrect assumptions when working with user input, or because they don't fully understand the platform for which they're developing.

Build for security

Security is also an important consideration in the build process. A few additional steps can improve the security of a deployed app and help prevent unauthorized reverse engineering, spoofing, or other attacks:

  • Dotfuscator is free and helps to protect .NET assemblies from reverse-engineering and unauthorized use such as unauthorized debugging.
  • Strong-name signing can be used to uniquely identify software components and prevent name spoofing.

See also