secure-dev.md · murplz, inc

explorer

▾ murplz, inc 3srom.dev

≡index.md ⬡services.cs ◈about.lua ⚙contact.toml

▸ ▸ solutions/

⬡secure-dev.md ⬡code-review.md ⬡methodology.cs

▸ ▸ industries/

≡federal.md ≡defence.md ≡critical-infra.md

▸ ▸ partners/

≡teaming.md ≡bench.md

▸ ▸ resources/

≡insights.md ≡capability.md

▸ ▸ legal/

≡privacy.md ≡terms.md

links

⌥github/3srom

⌥github/murplz

# solutions/secure-dev.md
 
# Secure .NET Development
 
We write C# and .NET applications for federal IT
projects with security designed in from the
architecture stage. Threat modelling before code,
secure-by-default patterns during, and hardening
verification before delivery.
 
## what's included
 
- Architecture review against ITSG-33 control families
- Threat modelling (STRIDE)
- Secure coding to OWASP Top 10 and CWE Top 25
- Static analysis (SonarQube, Roslyn analyzers)
- Dependency vulnerability scanning
- Pre-delivery security verification
 
## stack
 

          C#
          .NET 8+
          ASP.NET Core
          Entity Framework
          Azure
          REST
          gRPC
          OAuth 2.0 / OIDC
          mTLS
        
 
## delivery model
 
As a named .NET resource on prime contractor bids,
or direct through TBIPS Stream 5 once qualified.
 
## related
 
- methodology.cs  // how we map controls to code
- code-review.md  // for existing codebases

Find Files

≡index.mdmarkdown

⬡services.cscsharp

◈about.lualua

⚙contact.tomltoml

⬡solutions/secure-dev.mdmarkdown

⬡solutions/code-review.mdmarkdown

⬡solutions/methodology.cscsharp

≡industries/federal.mdmarkdown

≡industries/defence.mdmarkdown

≡industries/critical-infra.mdmarkdown

≡partners/teaming.mdmarkdown

≡partners/bench.mdmarkdown

≡resources/insights.mdmarkdown

≡resources/capability.mdmarkdown

≡legal/privacy.mdmarkdown

≡legal/terms.mdmarkdown