Book Image

Visual Studio 2019 Tricks and Techniques

By : Paul Schroeder, Aaron Cure
Book Image

Visual Studio 2019 Tricks and Techniques

By: Paul Schroeder, Aaron Cure

Overview of this book

Visual Studio 2019 (VS 2019) and Visual Studio Code (VS Code) are powerful professional development tools that help you to develop applications for any platform with ease. Whether you want to create web, mobile, or desktop applications, Microsoft Visual Studio is your one-stop solution. This book demonstrates some of the most sophisticated capabilities of the tooling and shows you how to use the integrated development environment (IDE) more efficiently to be more productive. You’ll begin by gradually building on concepts, starting with the basics. The introductory chapters cover shortcuts, snippets, and numerous optimization tricks, along with debugging techniques, source control integration, and other important IDE features that will help you make your time more productive. With that groundwork in place, more advanced concepts such as the inner workings of project and item templates are covered. You will also learn how to write quality, secure code more efficiently as well as discover how certain Visual Studio features work 'under the hood'. By the end of this Visual Studio book, you’ll have learned how to write more secure code faster than ever using your knowledge of the extensions and processes that make developing successful solutions more enjoyable and repeatable.
Table of Contents (21 chapters)
1
Section 1: Visual Studio IDE Productivity Essentials
9
Section 2: Customizing Project Templates and Beyond
13
Section 3: Leveraging Extensions for the Win

Chapter 15: Secure Code with Puma Scan

As developers, we are called on not only to implement business functionality but often to function as the first line of defense against attacks. The code that we write needs to be not only performant, flawless, and elegant, but also secure. Many developers have never been exposed to secure coding practices, let alone had the opportunity to develop any proficiency at implementing them.

One of the best ways to spot-check secure coding practices, especially for teams with little or no exposure to secure coding practices, is to use a tool, often called a static source code analyzer, or simply a static analyzer. Fortunately, we have one available for use right in Visual Studio 2019 for Windows and Visual Studio Code (VS Code), called Puma Scan.

In this chapter, we will discuss the following topics:

  • Understanding common application security vulnerabilities
  • Finding vulnerabilities for fun and profit
  • Automating vulnerability detection...