C# and .NET have become an almost indispensable technology stack for many companies. Applications not only run on the desktop anymore, but also on our smartphones, large cloud applications and even medical devices. In this talk, we will discuss treacherous security traps and common mistakes around .NET development, including the use of cryptography, parser or character encoding, using illustrative code examples. We will first look at the effects of these errors and then explain how they can be avoided or repaired. For some examples, we will also take a brief glance at other languages such as Java to raise awareness on different language and framework design issues. This talk is suitable for developers without deep knowledge of secure software development; however, it is not exclusively aimed for pure C# developers. Prior knowledge of cryptography, the .NET runtimes, or various 3rd party APIs is helpful, but not required.