Consulting And Security Reviews – How To Get Everyone Onboard

     Security reviews are a respected methodology.  People know about them, and probably use them semi-regularly. Ask anyone if security reviews are important, and they would all say yes.  Ask them if they do it regularly, and most would say no. Related Materials Three Laws Of Consulting By Gerald M. Weinberg Security Code Review –…

9

ASP.NET Performance By Design: Takeaways From PDC

     During PDC, there were 5 dedicated sessions for improving performance in .Net titled "Performance By Design". The presenters are Rico Mariani, Vance Morrison, and Mark Friedman. These guys live and breathe performance. Although I did not make to get to PDC, I was following after what’s going on there. Fortunately, Vance published all slides…

1

SharePoint Performance : Design, Implement, Deploy For Fast Experience.

     Rico Says :  Performance by Design. I say : Yeesh!! I am a big fan of the idea that Performance should be integrated into the whole dev lifecycle. As I am getting more involved with Sharepoint I become more confident applying same approach to Sharepoint implementation with Performance in mind. This post summarizes my…

2

.Net Performance And Security Knowledge Management (Including Sharepoint Template For Download)

     Use MS Sharepoint to manage your .Net Security and Performance Engineering (or any other) knowledge.     Applying simple steps you can create a very powerful KB (Knowledge Base) to serve your needs. It will allow you find very quickly relevant knowledge either using categories or keyword search. You can package your KB and redeploy on…

1

ASP.NET Performance Engineering – Stress Test Your Architecture, Design, And Code

Field experience proves – the earlier performance is tackled in development lifecycle the better results achieved. Below are most frequent practices that were most helpful in my engagement with the customers. Architecture/Design phase Set performance scope using Performance Frame Set performance objectives – Performance Testing Objectives Document Template Generate and distribute performance engineering principles document…

11

patterns & practices WCF Security Guidance Project – live on Codeplex

patterns & practices has recently released WCF Security Guidance Project. JD, the program manager behind the effort, has been blogging about it too.It is evolving project but the initial content is fantastic already. It has Application Scenarios, Video Index, but my favorites are How-To’s: How To – Create and Install Temporary Certificates in WCF for…

1

Performance Sin – Using Exceptions To Control Flow

Want to spot coding anti-patterns from performance perspective without actually looking in the code? One of the common performance coding anti-patterns I’ve noticed lately is using Exception Handling to control program flow. The anti-patterns Most common anti-pattern is just using exception handling to control flow, in some cases it was even nested exception handling –…

4

Security Code Review – Use Visual Studio Bookmarks To Capture Security Findings

How to streamline the process of capturing security flaws during security code review? How to save time and avoid switching between the tools? How to stay focused? In this post I will show my simple technique to capture security flaws using Bookmarks in Visual Studio. Create bookmark folders. Hit Ctrl + K and then Ctrl…

3