A three part book series focused on lifting the security knowledge of Software Developers, Engineers, and their teams, so that they can continuously deliver secure technical solutions on time and within budget, without nasty surprises.
The first book is complete; the second book is content complete and currently in technical review.
Redirects to legacy blog post.
I’ve recently undertaken another round of evaluating .NET mocking (fake/substitute/dummy/stub, or whatever you want to call them now) libraries. Interestingly, the landscape has changed quite a bit since the last time I went through this exercise, which was about two years ago. The outcome of the previous investigation is at the bottom of this post.
A short time ago, I was tasked with finding the right software engineer/s for the organisation I was working for. I settled on a process, a set of background questions, a set of practical programming exercises and a set of verbal questions. Later on I cut the set of verbal questions down to a quicker set. In this post, I’ll be going over the process and the full set of verbal questions. In a subsequent post I’ll go over the quicker set.
Untrusted data (data entered by a user) should always be treated as though it contains attack code. This data should not be sent anywhere without taking the necessary steps to detect and neutralise the malicious code.
This is the current set of coding standards and guidelines I use when I’m coding in the C#.NET language. I thought it would be good to share so others could get use out of them also, and maybe start a discussion as to amendments / changes they see that could be useful.
Recently I was involved in an interview where I was queried on the Singleton Creational design pattern. I thought I’d share what I came up with, in order of preference from most to least used.
An area I’ve noticed where engineers often forget to think about synchronization is when firing events. It seems to be a common misconception that all that is needed to keep synchronisation is to check the delegate (technically a `MulticastDelegate`, or in architectural terms the publisher of the publish-subscribe pattern, more commonly known as the observer pattern) for null.
Part three of a three part series on setting up a UPS solution to enable clean shutdown of vital network components. In this post, we’ll be reviewing the library that performs the shutting down of our servers.