Difference between revisions of ".NET Security for Developers"
From OWASP
(→Areas of Concern) |
ParanoidMike (talk | contribs) (improved formatting, updated links) |
||
| Line 1: | Line 1: | ||
| − | == | + | ==Summary== |
Developers are responsible for creating secure, trustworthy web applications and services. This section is to provide tools and guidance for the .NET Developer. | Developers are responsible for creating secure, trustworthy web applications and services. This section is to provide tools and guidance for the .NET Developer. | ||
| − | + | ==Areas of Concern== | |
| − | *[[Secure Development Lifecycle]] | + | * [[Secure Development Lifecycle]] |
| − | **Overview | + | ** Overview |
| − | **Checklists | + | ** Checklists |
| − | **Tools | + | ** Tools |
| − | *[[.NET Secure Coding | .NET Secure Coding]] | + | * [[.NET Secure Coding | .NET Secure Coding]] |
| − | **Partial Trust | + | ** Partial Trust |
| − | **Cross Platform | + | ** Cross Platform |
| − | *[[.NET CIA | Confidentiality, Integrity and Availability in Practice]] | + | * [[.NET CIA | Confidentiality, Integrity and Availability in Practice]] |
| − | **Cryptography | + | ** Cryptography |
| − | **Debugging and Instrumentation | + | ** Debugging and Instrumentation |
| − | **Adaptive Web Applications and failing gracefully | + | ** Adaptive Web Applications and failing gracefully |
| − | *[[.NET Security Features | .NET Security Features (by Version)]] | + | * [[.NET Security Features | .NET Security Features (by Version)]] |
| − | **Authentication Best Practices | + | ** Authentication Best Practices |
| − | **Authorization | + | ** Authorization |
| − | **Security Demands | + | ** Security Demands |
| − | *[[.NET Unit and Integration Testing | Unit and Integration Testing]] | + | * [[.NET Unit and Integration Testing | Unit and Integration Testing]] |
| − | **Test First (TDD) and Design Patterns | + | ** Test First (TDD) and Design Patterns |
| − | **Fuzzing | + | ** Fuzzing |
| − | *.NET Web Technologies | + | * .NET Web Technologies |
| − | **[ | + | ** [[ASP.NET_WebForms | ASP.NET WebForms]] |
| − | **[ | + | ** [[ASP.NET_MVC | ASP.NET Model View Controller]] |
| − | **[ | + | ** [[SilverLight | Silverlight]] |
| − | **[ | + | ** [[WSS | SharePoint (WSS)]] |
| − | **[[WCF Security Best Practices | Windows Communications Foundation Security Best Practices]] | + | ** [[WCF Security Best Practices | Windows Communications Foundation Security Best Practices]] |
| − | + | ==Articles & Projects== | |
| − | [http:// | + | [http://msdn.microsoft.com/security/bb896640.aspx "How Do I?" Microsoft Security Videos] |
| − | + | ==Community Contributions== | |
[http://keepitlocked.net/archive/2008/04/11/developing-asp-net-in-partial-trust.aspx Developing ASP.NET in Partial Trust] | [http://keepitlocked.net/archive/2008/04/11/developing-asp-net-in-partial-trust.aspx Developing ASP.NET in Partial Trust] | ||
| − | + | ==References== | |
| − | [http:// | + | [http://go.microsoft.com/?linkid=8685076 Microsoft Security Development Lifecycle 3.2] |
| − | + | ==Tools== | |
| − | [ | + | [[Source_Code_Analysis_Tools | Source Code Analysis Tools]] |
Latest revision as of 04:14, 1 September 2008
Contents
Summary
Developers are responsible for creating secure, trustworthy web applications and services. This section is to provide tools and guidance for the .NET Developer.
Areas of Concern
- Secure Development Lifecycle
- Overview
- Checklists
- Tools
- .NET Secure Coding
- Partial Trust
- Cross Platform
- Confidentiality, Integrity and Availability in Practice
- Cryptography
- Debugging and Instrumentation
- Adaptive Web Applications and failing gracefully
- .NET Security Features (by Version)
- Authentication Best Practices
- Authorization
- Security Demands
- Unit and Integration Testing
- Test First (TDD) and Design Patterns
- Fuzzing
- .NET Web Technologies
Articles & Projects
"How Do I?" Microsoft Security Videos
Community Contributions
Developing ASP.NET in Partial Trust
References
Microsoft Security Development Lifecycle 3.2
