Free tool for the static security analysis of .NET code

As a system designer, engineer or architect you might want to have a tool to perform analysis of .NET code for issues like cross-site request forgery (cross-site request forgery: Allows an attacker to execute commands as another user).

Using FxCop, a free tool that you can download here:

• https://www.microsoft.com/downloads/en/details.aspx?FamilyID=917023F6-D5B7-41BB-BBC0-411A7D66CF3C

For more detail  on FxCop you might want to check out this link:

• Improving ASP.NET Security with Visual Studio 2010 Code Analysis

If you search the MSDN Magazine then you will find many older articles on FxCop, in general they are good to read, but there are some changes to FxCop 10, so make sure to throw that grain of salt on your read.

To integrate FxCop into your Visual Studio 2010 you can do so with the tool from Codeplex:

• FxCop Integrator for Visual Studio 2010