I am working on a project with ca. 20 developers.

One thing we are finding is that it is difficult to keep up with code review.

Some things we automate, like checking code complexity, finding empty catch blocks, etc.

Other things are a bit more difficult.

For example in our case no data should be stored in session state. Is it possible to block this or get a warning if it has been done?

A: 

You need to use something like FxCop.

slugster
+1  A: 

I am not familiar with the C#/Visual Studio world, but in principle static code analysis tools can be used to write tests, which will detect access to certain packages.

An alternative would be to use AOP for checking.

And of course you can always run grep against the code base to find suspicious lines in the code.

Jens Schauder
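
A build-step version of the grep idea from the answer above, as an added example that is not part of any answer on this page: it blanks comments and string literals first so commented-out code does not trigger it, then reports stores to session state and exits non-zero. The `SESSION_WRITE` pattern and the C# fragment in `SAMPLE` are constructed and assume classic ASP.NET access through `Session[...] = ...` or `Session.Add(...)`.

```python
import pathlib
import re
import sys

# Comments and literals are blanked before matching (newlines are kept).
NOISE = re.compile(r'''
      //[^\n]*                 # line comment
    | /\*.*?\*/                # block comment
    | @"(?:""|[^"])*"          # verbatim string
    | "(?:\\.|[^"\\\n])*"      # regular string
    | '(?:\\.|[^'\\\n])'       # char literal
''', re.DOTALL | re.VERBOSE)

# Heuristic (assumption): indexer assignment or .Add( on a `Session` member.
SESSION_WRITE = re.compile(
    r'\bSession\s*(?:\[[^\]]*\]\s*[-+*/]?=(?!=)|\.\s*Add\s*\()')

def strip_noise(source):
    """Replace comment/literal characters with spaces so line numbers hold."""
    return NOISE.sub(lambda m: re.sub(r'[^\n]', ' ', m.group()), source)

def find_session_writes(source):
    """Return [(line_no, original_line)] for each store to session state."""
    clean, lines = strip_noise(source), source.split('\n')
    starts = (clean.count('\n', 0, m.start()) for m in SESSION_WRITE.finditer(clean))
    return [(n + 1, lines[n].strip()) for n in starts]

def scan_tree(root):
    """Scan every .cs file under root; return {path: hits} for offenders."""
    found = ((str(p), find_session_writes(p.read_text(errors='replace')))
             for p in pathlib.Path(root).rglob('*.cs'))
    return {path: hits for path, hits in found if hits}

# Constructed C# fragment: two real stores, one comment, one string, one read.
SAMPLE = '''// Session["legacy"] = 1;  commented out, must not be flagged
void Load() {
    var note = "never write Session[\\"x\\"] = y";
    Session["Cart"] = BuildCart();
    HttpContext.Current.Session.Add("UserId", 42);
    if (Session["Cart"] == null) { }
}
'''

if __name__ == '__main__':
    report = scan_tree(sys.argv[1]) if sys.argv[1:] else {'<sample>': find_session_writes(SAMPLE)}
    for path, hits in report.items():
        for no, text in hits:
            print(f'{path}:{no}: session state write: {text}')
    sys.exit(1 if report else 0)
```

Being text-based, it misses stores made through an alias or a wrapper method; the assembly-level tools named in the other answers resolve the actual type being used.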
+8  A: 

NDepend is your friend for this.

It can be integrated into your build process (or run standalone), and then you can write CQL (NDepend's built-in dependency query language) queries to spot things being called that shouldn't:

WARN IF Count > 0 IN SELECT METHODS WHERE IsDirectlyUsing "System.Xml.XmlWriter"

(will warn if any methods use the XmlWriter class)

Rob Levine
+3  A: 

Custom-built FxCop rules would be your friend here. Or, if you're using TFS, a custom checkin policy would work similarly. The best bet is to use the former, because then you can throw a build error when the offending code turns up - people will soon learn not to check that code in! TFS checkin policies are unfortunately too easy to override.

Dan Puzey