.NET Security for Developers

Summary

Developers are responsible for creating secure, trustworthy web applications and services. This section is to provide tools and guidance for the .NET Developer.

Areas of Concern

• Secure Development Lifecycle
  • Overview
  • Checklists
  • Tools

• .NET Secure Coding
  • Partial Trust
  • Cross Platform

• Confidentiality, Integrity and Availability in Practice
  • Cryptography
  • Debugging and Instrumentation
  • Adaptive Web Applications and failing gracefully

• .NET Security Features (by Version)
  • Authentication Best Practices
  • Authorization
  • Security Demands

• Unit and Integration Testing
  • Test First (TDD) and Design Patterns
  • Fuzzing

• .NET Web Technologies
  • ASP.NET WebForms
  • ASP.NET Model View Controller
  • Silverlight
  • SharePoint (WSS)
  • Windows Communications Foundation Security Best Practices

Articles & Projects

"How Do I?" Microsoft Security Videos

Community Contributions

Developing ASP.NET in Partial Trust

References

Microsoft Security Development Lifecycle 3.2

Tools

Source Code Analysis Tools