Radical Development

Monthly Archives: September 2010

September 26, 2010
by Steven Swafford
Comments Off

Static Code Analysis Toolsets

In keeping with my last couple of post on Security Development Lifecycle I thought I would put together a list of free and commercial products. While there are many other products out there this should be enough to get you thinking about how you can analyze your code before shipping. .NET FxCop is an application that analyzes managed code assemblies (code that targets the .NET Framework common language runtime) and reports information about the assemblies, such as possible design, localization, performance, and security improvements. Many of the issues concern violations of the programming and design rules set forth in the …

Continue reading

September 25, 2010
by Steven Swafford
Comments Off

Reading Club: The Art Of Unit Testing

This month my recommendation for reading is The Art of Unit Testing by Roy Osherove. This book was originally published back in May 2009 and if you’re like me and never took the time to read it before then I urge you to do so. I am about 40% complete reading this book and I only picked it up a couple days ago. If you want to learn more in the aspect of Unit Testing this book has you covered. I like the fact that Roy starts out small and builds upon unit testing in each chapter. It is amazing …

Continue reading

September 23, 2010
by Steven Swafford
Comments Off

Security Development Lifecycle: Introduction

I am not entirely sure how many parts of this subject there will be however, I felt I had to start somewhere. Basically I would like to use this series as an opportunity to interact with you on the level of sharing Security Development Lifecycle (SDL) methodologies. In other words, is SDL important, what tools do you employ, how do you approach education, and most importantly with the ever changing security threats how does one stay current? How would you answer these questions? To answer my first question, SDL is absolutely important and as I see this subject it is …

Continue reading

September 17, 2010
by Steven Swafford
Comments Off

Security Development Lifecycle Design

Later this month, I will be attending a one day event held by Microsoft in New York, New York on the subject of Security Development Lifecycle. The speaker is Doug Cavit, Principle Security Strategist at Microsoft Corp. Discussions will based upon include discussions based on Customer Focused Design principles and The Ishikawa Method. Both methodologies should facilitate a highly interactive discussion while driving to actionable results. In other words it should be exciting. In the spirit of Security Development Lifecycle, I have put together a handful of resources that I hope you find informational: Code Access Security What’s New in …

Continue reading

September 15, 2010
by Steven Swafford
Comments Off

Theme Giveaway: Weekly By Theme Junkie

Okay all of you theme junkies, no pun intended. Today I secured the theme Weekly from Theme Junkie and I thought that I would give one person a chance to win this theme. Should you be interest the rules are very simple. Leave a comment explaining why you want this theme and be creative. Don’t just say because I like it. On 1 Oct I will select a winner based upon the comments received solely at my discretion. Again, the more creative you are with your comment the better your chance. Features: Newly Designed & Easy-to-use Theme Options(New!) Unlimited One/Two …

Continue reading