Secure applications
Applies to: Visual Studio Visual Studio for Mac
Note
This article applies to Visual Studio 2017. If you're looking for the latest Visual Studio documentation, see Visual Studio documentation. We recommend upgrading to the latest version of Visual Studio. Download it here
You should consider security in all aspects of your application development, from design to deployment. Start by running Visual Studio as securely as possible. See User permissions.
To help you effectively develop secure applications, you should have a fundamental understanding of security concepts and the security features of the platforms for which you develop. You should also understand secure coding techniques.
Code for security
Most coding errors that result in security vulnerabilities occur because developers make incorrect assumptions when working with user input, or because they don't fully understand the platform for which they're developing.
- Secure coding guidelines describes the different ways .NET code can be designed to work with the security system.
- Security best practices for C++ contains information about security tools and practices for C++ developers.
Build for security
Security is also an important consideration in the build process. A few additional steps can improve the security of a deployed app and help prevent unauthorized reverse engineering, spoofing, or other attacks:
- Dotfuscator is free and helps to protect .NET assemblies from reverse-engineering and unauthorized use such as unauthorized debugging.
- Strong-name signing can be used to uniquely identify software components and prevent name spoofing.