This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of ".NET Security for Developers"

From OWASP
Jump to: navigation, search
(Areas of Concern)
(improved formatting, updated links)
 
Line 1: Line 1:
==.NET Security for Developers==
+
==Summary==
 
Developers are responsible for creating secure, trustworthy web applications and services.  This section is to provide tools and guidance for the .NET Developer.
 
Developers are responsible for creating secure, trustworthy web applications and services.  This section is to provide tools and guidance for the .NET Developer.
  
===Areas of Concern===
+
==Areas of Concern==
*[[Secure Development Lifecycle]]
+
* [[Secure Development Lifecycle]]
**Overview
+
** Overview
**Checklists
+
** Checklists
**Tools
+
** Tools
  
*[[.NET Secure Coding | .NET Secure Coding]]
+
* [[.NET Secure Coding | .NET Secure Coding]]
**Partial Trust
+
** Partial Trust
**Cross Platform
+
** Cross Platform
  
*[[.NET CIA | Confidentiality, Integrity and Availability in Practice]]
+
* [[.NET CIA | Confidentiality, Integrity and Availability in Practice]]
**Cryptography
+
** Cryptography
**Debugging and Instrumentation
+
** Debugging and Instrumentation
**Adaptive Web Applications and failing gracefully
+
** Adaptive Web Applications and failing gracefully
  
*[[.NET Security Features | .NET Security Features (by Version)]]
+
* [[.NET Security Features | .NET Security Features (by Version)]]
**Authentication Best Practices
+
** Authentication Best Practices
**Authorization
+
** Authorization
**Security Demands
+
** Security Demands
  
*[[.NET Unit and Integration Testing | Unit and Integration Testing]]
+
* [[.NET Unit and Integration Testing | Unit and Integration Testing]]
**Test First (TDD) and Design Patterns
+
** Test First (TDD) and Design Patterns
**Fuzzing
+
** Fuzzing
  
*.NET Web Technologies
+
* .NET Web Technologies
**[http://www.owasp.org/index.php/ASP.NET_WebForms ASP.NET WebForms]
+
** [[ASP.NET_WebForms | ASP.NET WebForms]]
**[http://www.owasp.org/index.php/ASP.NET_MVC ASP.NET Model View Controller]
+
** [[ASP.NET_MVC | ASP.NET Model View Controller]]
**[http://www.owasp.org/index.php/SilverLight Silverlight]
+
** [[SilverLight | Silverlight]]
**[http://www.owasp.org/index.php/WSS Sharepoint]
+
** [[WSS | SharePoint (WSS)]]
**[[WCF Security Best Practices | Windows Communications Foundation Security Best Practices]]
+
** [[WCF Security Best Practices | Windows Communications Foundation Security Best Practices]]
  
===Articles & Projects===
+
==Articles & Projects==
[http://msdn2.microsoft.com/en-us/security/bb896640.aspx "How Do I?" Microsoft Security Videos]
+
[http://msdn.microsoft.com/security/bb896640.aspx "How Do I?" Microsoft Security Videos]
  
===Community Contributions===
+
==Community Contributions==
 
[http://keepitlocked.net/archive/2008/04/11/developing-asp-net-in-partial-trust.aspx Developing ASP.NET in Partial Trust]
 
[http://keepitlocked.net/archive/2008/04/11/developing-asp-net-in-partial-trust.aspx Developing ASP.NET in Partial Trust]
  
===References===
+
==References==
[http://www.microsoft.com/downloads/details.aspx?familyid=2412c443-27f6-4aac-9883-f55ba5b01814&displaylang=en&Hash=4fZb2FzZ7%2bmaj0VqoUbFZzzw0WW5%2bxWjK3XBVit5eX%2b%2bB90vmLtZlAstlNg9cRu6Pg%2b50DNCMhGT6ADei7DgFg%3d%3d Microsoft Security Development Lifecycle 3.2]
+
[http://go.microsoft.com/?linkid=8685076 Microsoft Security Development Lifecycle 3.2]
  
===Tools===
+
==Tools==
[http://www.owasp.org/index.php/Source_Code_Audit_Tools Source Code Analysis Tools]
+
[[Source_Code_Analysis_Tools | Source Code Analysis Tools]]

Latest revision as of 04:14, 1 September 2008

Summary

Developers are responsible for creating secure, trustworthy web applications and services. This section is to provide tools and guidance for the .NET Developer.

Areas of Concern

Articles & Projects

"How Do I?" Microsoft Security Videos

Community Contributions

Developing ASP.NET in Partial Trust

References

Microsoft Security Development Lifecycle 3.2

Tools

Source Code Analysis Tools