This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of ".NET Security for Architects"
From OWASP
Line 4: | Line 4: | ||
|- | |- | ||
| | | | ||
+ | *[[OWASP Code Review Project]]<br /> | ||
*[[OWASP Testing Guide]]<br /> | *[[OWASP Testing Guide]]<br /> | ||
|- | |- |
Revision as of 03:16, 27 April 2008
.NET Security Quick Reference |
---|
.NET Security for Architects
Security concerns must be addressed at the architectural level. This section is to provide tools and guidance for the .NET architect.
Areas of Concern
- Application Lifecycle
- Conceptual Architecture
- Security Requirements & Threat Modeling
- Design Review
- Requirements Testing
- Implementation
- Separating Roles - Build Systems and Software Promotion
- Protecting Data in Motion and at Rest (Data Loss Prevention)
Articles
References
International Association of Software Architects
Patterns and Practices Security Wiki
Microsoft Security Development Lifecycle 3.2