Defensive programming against malicious attacks

Question

The company I'm working on is rebuilding the internal product for external use.

The product will initially be created in C # using WPF, and then ported to Silverlight.

One of the focus points is encoding against malicious attacks, for example. SQL injection, etc.

Questions:

Can anyone recommend urls pointing to articles on best security practices.
Can anyone recommend an analysis tool for code analysis to identify weaknesses. If possible, we would like to include this tool in our continuous integration scenarios.

+3

user173847 15 sept. '09 at 17:40

3

, , :

:

-10 -, . , , .

, .

* *

MSDN, #.

+3

David 15 . '09 17:46

, :

: .

, .

, - OWASP Top 10 (google: owasp top 10 2007).

, , . , , .

,

, , , .

:

,

, : , , ( Google , " " " " ) , .

, .

SB

PS: sorry for the links "google", I am a new user and can leave only 1 url in my answers :(

+1

Starbuck3000 Sep 17 '09 at 14:03

Dan Diplo · Accepted Answer · 2009-09-15T17:51:32+0000

MSDN: ( #).