This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of ".NET Security for Developers"
From OWASP
ParanoidMike (talk | contribs) (improved formatting, updated links) |
|||
| (10 intermediate revisions by one other user not shown) | |||
| Line 1: | Line 1: | ||
| − | == | + | ==Summary== |
Developers are responsible for creating secure, trustworthy web applications and services. This section is to provide tools and guidance for the .NET Developer. | Developers are responsible for creating secure, trustworthy web applications and services. This section is to provide tools and guidance for the .NET Developer. | ||
| − | + | ==Areas of Concern== | |
| − | *Secure | + | * [[Secure Development Lifecycle]] |
| − | ** | + | ** Overview |
| − | ** | + | ** Checklists |
| + | ** Tools | ||
| − | * | + | * [[.NET Secure Coding | .NET Secure Coding]] |
| − | ** | + | ** Partial Trust |
| − | ** | + | ** Cross Platform |
| − | |||
| − | * | + | * [[.NET CIA | Confidentiality, Integrity and Availability in Practice]] |
| − | ** | + | ** Cryptography |
| − | ** | + | ** Debugging and Instrumentation |
| − | ** | + | ** Adaptive Web Applications and failing gracefully |
| − | * | + | * [[.NET Security Features | .NET Security Features (by Version)]] |
| − | ** | + | ** Authentication Best Practices |
| − | ** | + | ** Authorization |
| + | ** Security Demands | ||
| − | * | + | * [[.NET Unit and Integration Testing | Unit and Integration Testing]] |
| − | ** | + | ** Test First (TDD) and Design Patterns |
| + | ** Fuzzing | ||
| − | + | * .NET Web Technologies | |
| − | [ | + | ** [[ASP.NET_WebForms | ASP.NET WebForms]] |
| + | ** [[ASP.NET_MVC | ASP.NET Model View Controller]] | ||
| + | ** [[SilverLight | Silverlight]] | ||
| + | ** [[WSS | SharePoint (WSS)]] | ||
| + | ** [[WCF Security Best Practices | Windows Communications Foundation Security Best Practices]] | ||
| − | ===Community Contributions | + | ==Articles & Projects== |
| + | [http://msdn.microsoft.com/security/bb896640.aspx "How Do I?" Microsoft Security Videos] | ||
| + | |||
| + | ==Community Contributions== | ||
[http://keepitlocked.net/archive/2008/04/11/developing-asp-net-in-partial-trust.aspx Developing ASP.NET in Partial Trust] | [http://keepitlocked.net/archive/2008/04/11/developing-asp-net-in-partial-trust.aspx Developing ASP.NET in Partial Trust] | ||
| − | + | ==References== | |
| − | + | [http://go.microsoft.com/?linkid=8685076 Microsoft Security Development Lifecycle 3.2] | |
| − | + | ==Tools== | |
| − | [ | + | [[Source_Code_Analysis_Tools | Source Code Analysis Tools]] |
Latest revision as of 04:14, 1 September 2008
Summary
Developers are responsible for creating secure, trustworthy web applications and services. This section is to provide tools and guidance for the .NET Developer.
Areas of Concern
- Secure Development Lifecycle
- Overview
- Checklists
- Tools
- .NET Secure Coding
- Partial Trust
- Cross Platform
- Confidentiality, Integrity and Availability in Practice
- Cryptography
- Debugging and Instrumentation
- Adaptive Web Applications and failing gracefully
- .NET Security Features (by Version)
- Authentication Best Practices
- Authorization
- Security Demands
- Unit and Integration Testing
- Test First (TDD) and Design Patterns
- Fuzzing
- .NET Web Technologies
Articles & Projects
"How Do I?" Microsoft Security Videos
Community Contributions
Developing ASP.NET in Partial Trust
References
Microsoft Security Development Lifecycle 3.2
