This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of ".NET Security for Developers"
From OWASP
(→Areas of Concern) |
ParanoidMike (talk | contribs) (improved formatting, updated links) |
||
(One intermediate revision by one other user not shown) | |||
Line 1: | Line 1: | ||
− | == | + | ==Summary== |
Developers are responsible for creating secure, trustworthy web applications and services. This section is to provide tools and guidance for the .NET Developer. | Developers are responsible for creating secure, trustworthy web applications and services. This section is to provide tools and guidance for the .NET Developer. | ||
− | + | ==Areas of Concern== | |
− | *Secure Development Lifecycle | + | * [[Secure Development Lifecycle]] |
− | ** | + | ** Overview |
− | ** | + | ** Checklists |
− | ** | + | ** Tools |
− | *[[.NET Secure Coding | .NET Secure Coding]] | + | * [[.NET Secure Coding | .NET Secure Coding]] |
− | **Partial Trust | + | ** Partial Trust |
− | **Cross Platform | + | ** Cross Platform |
− | *[[.NET CIA | Confidentiality, Integrity and Availability in Practice]] | + | * [[.NET CIA | Confidentiality, Integrity and Availability in Practice]] |
− | **Cryptography | + | ** Cryptography |
− | **Debugging and Instrumentation | + | ** Debugging and Instrumentation |
− | **Adaptive Web Applications and failing gracefully | + | ** Adaptive Web Applications and failing gracefully |
− | *[[.NET Security Features | .NET Security Features (by Version)]] | + | * [[.NET Security Features | .NET Security Features (by Version)]] |
− | **Authentication Best Practices | + | ** Authentication Best Practices |
− | **Authorization | + | ** Authorization |
− | **Security Demands | + | ** Security Demands |
− | *[[.NET Unit and Integration Testing | Unit and Integration Testing]] | + | * [[.NET Unit and Integration Testing | Unit and Integration Testing]] |
− | **Test First (TDD) and Design Patterns | + | ** Test First (TDD) and Design Patterns |
− | **Fuzzing | + | ** Fuzzing |
− | *.NET Web Technologies | + | * .NET Web Technologies |
− | **[ | + | ** [[ASP.NET_WebForms | ASP.NET WebForms]] |
− | **[ | + | ** [[ASP.NET_MVC | ASP.NET Model View Controller]] |
− | **[ | + | ** [[SilverLight | Silverlight]] |
− | **[ | + | ** [[WSS | SharePoint (WSS)]] |
− | **[[WCF Security Best Practices | Windows Communications Foundation Security Best Practices]] | + | ** [[WCF Security Best Practices | Windows Communications Foundation Security Best Practices]] |
− | + | ==Articles & Projects== | |
− | [http:// | + | [http://msdn.microsoft.com/security/bb896640.aspx "How Do I?" Microsoft Security Videos] |
− | + | ==Community Contributions== | |
[http://keepitlocked.net/archive/2008/04/11/developing-asp-net-in-partial-trust.aspx Developing ASP.NET in Partial Trust] | [http://keepitlocked.net/archive/2008/04/11/developing-asp-net-in-partial-trust.aspx Developing ASP.NET in Partial Trust] | ||
− | + | ==References== | |
− | [http:// | + | [http://go.microsoft.com/?linkid=8685076 Microsoft Security Development Lifecycle 3.2] |
− | + | ==Tools== | |
− | [ | + | [[Source_Code_Analysis_Tools | Source Code Analysis Tools]] |
Latest revision as of 04:14, 1 September 2008
Summary
Developers are responsible for creating secure, trustworthy web applications and services. This section is to provide tools and guidance for the .NET Developer.
Areas of Concern
- Secure Development Lifecycle
- Overview
- Checklists
- Tools
- .NET Secure Coding
- Partial Trust
- Cross Platform
- Confidentiality, Integrity and Availability in Practice
- Cryptography
- Debugging and Instrumentation
- Adaptive Web Applications and failing gracefully
- .NET Security Features (by Version)
- Authentication Best Practices
- Authorization
- Security Demands
- Unit and Integration Testing
- Test First (TDD) and Design Patterns
- Fuzzing
- .NET Web Technologies
Articles & Projects
"How Do I?" Microsoft Security Videos
Community Contributions
Developing ASP.NET in Partial Trust
References
Microsoft Security Development Lifecycle 3.2