This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Difference between revisions of ".NET Security for Architects"

Jump to: navigation, search
Line 4: Line 4:
*[[OWASP Code Review Project]]<br />
*[[OWASP Testing Guide]]<br />
*[[OWASP Testing Guide]]<br />

Revision as of 03:16, 27 April 2008

.NET Security Quick Reference

.NET Security for Architects

Security concerns must be addressed at the architectural level. This section is to provide tools and guidance for the .NET architect.

Areas of Concern

  • Application Lifecycle
  • Conceptual Architecture
  • Security Requirements & Threat Modeling
  • Design Review
  • Requirements Testing
  • Implementation
  • Separating Roles - Build Systems and Software Promotion
  • Protecting Data in Motion and at Rest (Data Loss Prevention)


ASP.NET Security Architecture

Security Engineering

Solutions to SOA Security

Web Service Specifications


International Association of Software Architects

Patterns and Practices

Patterns and Practices Security Wiki

Microsoft Security Development Lifecycle 3.2