This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of ".NET Security for Developers"
From OWASP
(→Areas of Concern) |
ParanoidMike (talk | contribs) (improved formatting, updated links) |
||
(19 intermediate revisions by one other user not shown) | |||
Line 1: | Line 1: | ||
− | == | + | ==Summary== |
Developers are responsible for creating secure, trustworthy web applications and services. This section is to provide tools and guidance for the .NET Developer. | Developers are responsible for creating secure, trustworthy web applications and services. This section is to provide tools and guidance for the .NET Developer. | ||
− | + | ==Areas of Concern== | |
− | *Secure | + | * [[Secure Development Lifecycle]] |
+ | ** Overview | ||
+ | ** Checklists | ||
+ | ** Tools | ||
− | * | + | * [[.NET Secure Coding | .NET Secure Coding]] |
+ | ** Partial Trust | ||
+ | ** Cross Platform | ||
− | * | + | * [[.NET CIA | Confidentiality, Integrity and Availability in Practice]] |
− | + | ** Cryptography | |
+ | ** Debugging and Instrumentation | ||
+ | ** Adaptive Web Applications and failing gracefully | ||
− | Authorization | + | * [[.NET Security Features | .NET Security Features (by Version)]] |
+ | ** Authentication Best Practices | ||
+ | ** Authorization | ||
+ | ** Security Demands | ||
− | + | * [[.NET Unit and Integration Testing | Unit and Integration Testing]] | |
+ | ** Test First (TDD) and Design Patterns | ||
+ | ** Fuzzing | ||
− | * | + | * .NET Web Technologies |
+ | ** [[ASP.NET_WebForms | ASP.NET WebForms]] | ||
+ | ** [[ASP.NET_MVC | ASP.NET Model View Controller]] | ||
+ | ** [[SilverLight | Silverlight]] | ||
+ | ** [[WSS | SharePoint (WSS)]] | ||
+ | ** [[WCF Security Best Practices | Windows Communications Foundation Security Best Practices]] | ||
− | + | ==Articles & Projects== | |
− | [http:// | + | [http://msdn.microsoft.com/security/bb896640.aspx "How Do I?" Microsoft Security Videos] |
+ | ==Community Contributions== | ||
+ | [http://keepitlocked.net/archive/2008/04/11/developing-asp-net-in-partial-trust.aspx Developing ASP.NET in Partial Trust] | ||
− | + | ==References== | |
+ | [http://go.microsoft.com/?linkid=8685076 Microsoft Security Development Lifecycle 3.2] | ||
− | + | ==Tools== | |
− | + | [[Source_Code_Analysis_Tools | Source Code Analysis Tools]] |
Latest revision as of 04:14, 1 September 2008
Summary
Developers are responsible for creating secure, trustworthy web applications and services. This section is to provide tools and guidance for the .NET Developer.
Areas of Concern
- Secure Development Lifecycle
- Overview
- Checklists
- Tools
- .NET Secure Coding
- Partial Trust
- Cross Platform
- Confidentiality, Integrity and Availability in Practice
- Cryptography
- Debugging and Instrumentation
- Adaptive Web Applications and failing gracefully
- .NET Security Features (by Version)
- Authentication Best Practices
- Authorization
- Security Demands
- Unit and Integration Testing
- Test First (TDD) and Design Patterns
- Fuzzing
- .NET Web Technologies
Articles & Projects
"How Do I?" Microsoft Security Videos
Community Contributions
Developing ASP.NET in Partial Trust
References
Microsoft Security Development Lifecycle 3.2