This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP .NET Recommended Resources"
m (.NET Recommended moved to OWASP .NET Recommended Resources: New title for clarity) |
|||
Line 1: | Line 1: | ||
− | OWASP .NET Recommended Resources | + | {| align="right" class="wikitable" |
+ | |- | ||
+ | ! OWASP .NET Quick Reference | ||
+ | |- | ||
+ | | | ||
+ | *[[OWASP Code Review Project]]<br /> | ||
+ | *[[OWASP Testing Guide]]<br /> | ||
+ | |- | ||
+ | |} | ||
+ | ==OWASP .NET Recommended Resources== | ||
+ | |||
+ | |||
+ | ===Areas of Concern=== | ||
+ | |||
+ | *Getting Started | ||
+ | |||
+ | *Tutorials | ||
+ | |||
+ | *Best Practices | ||
+ | |||
+ | *OWASP Guidance and Tools | ||
+ | |||
+ | ===Articles & Projects=== | ||
+ | |||
+ | [http://msdn2.microsoft.com/en-us/library/yedba920.aspx ASP.NET Security Architecture] | ||
+ | |||
+ | [http://msdn2.microsoft.com/en-us/library/ms998404.aspx Security Engineering] | ||
+ | |||
+ | [http://www.developer.com/design/article.php/3607471 Solutions to SOA Security] | ||
+ | |||
+ | [http://en.wikipedia.org/wiki/WS-%2A Web Service Specifications] | ||
+ | |||
+ | [http://www.codeplex.com/WCFSecurity Security Guidance for Windows Communication Foundation] | ||
+ | |||
+ | [http://msdn.microsoft.com/en-us/library/ms978357.aspx Security and Operational Guidance for .NET Applications] | ||
+ | |||
+ | [http://msdn.microsoft.com/en-us/library/ms998404.aspx patterns & practices Security Engineering Index] | ||
+ | |||
+ | [http://msdn.microsoft.com/en-us/library/ms998408.aspx patterns & practices Security Guidance for Applications Index] | ||
+ | |||
+ | [http://msdn.microsoft.com/en-us/library/ms954725.aspx patterns & practices Security Guidance for .NET Framework 2.0] | ||
+ | |||
+ | [http://msdn.microsoft.com/en-us/library/ms978378.aspx Authentication in ASP.NET: .NET Security Guidance] | ||
+ | |||
+ | ===Online References=== | ||
+ | |||
+ | [http://msdn2.microsoft.com/en-us/practices/default.aspx Patterns and Practices] | ||
+ | |||
+ | [http://channel9.msdn.com/wiki/default.aspx/SecurityWiki.HomePage Patterns and Practices Security Wiki] | ||
+ | |||
+ | [http://msdn.microsoft.com/en-us/security/default.aspx MSDN Security Developer Center] | ||
+ | |||
+ | ===Books and Publications=== | ||
+ | |||
+ | [http://www.microsoft.com/mspress/books/5957.aspx Writing Secure Code], Michael Howard and David LeBlanc | ||
+ | |||
+ | [http://www.microsoft.com/downloads/details.aspx?familyid=2412c443-27f6-4aac-9883-f55ba5b01814&displaylang=en&Hash=4fZb2FzZ7%2bmaj0VqoUbFZzzw0WW5%2bxWjK3XBVit5eX%2b%2bB90vmLtZlAstlNg9cRu6Pg%2b50DNCMhGT6ADei7DgFg%3d%3d Microsoft Security Development Lifecycle 3.2] | ||
+ | |||
+ | [http://msdn.microsoft.com/en-us/library/aa302415.aspx Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication], J.D. Meier, Alex Mackman, Michael Dunner, and Srinath Vasireddy | ||
+ | |||
+ | [http://msdn.microsoft.com/en-us/library/ms994921.aspx Improving Web Application Security: Threats and Countermeasures], J.D. Meier, Alex Mackman, Michael Dunner, Srinath Vasireddy, Ray Escamilla and Anandha Murukan | ||
+ | |||
+ | [http://msdn.microsoft.com/en-gb/security/aa473878.aspx Developer Highway Code], Microsoft Corp, United Kingdom | ||
+ | |||
+ | ===Tools=== | ||
+ | |||
+ | [http://www.microsoft.com/downloads/details.aspx?familyid=59888078-9daf-4e96-b7d1-944703479451&displaylang=en Microsoft Threat Analysis & Modeling v2.1.2] | ||
+ | |||
+ | ===Blogs & People=== | ||
+ | |||
+ | [http://securitybuddha.com/ Mark Curphrey's Blog] | ||
+ | |||
+ | [http://blogs.msdn.com/michael_howard/default.aspx Michael Howard's Blog] | ||
+ | |||
+ | [http://blogs.msdn.com/jmeier/archive/tags/Security+Development/default.aspx J.D. Meier's Blog] | ||
+ | |||
+ | [http://www.leastprivilege.com Dominick Baier's Blog] | ||
+ | |||
+ | [http://blogs.msdn.com/shawnfa/default.aspx .NET Security Blog (Shawn Farkas) |
Revision as of 04:45, 17 June 2008
OWASP .NET Quick Reference |
---|
OWASP .NET Recommended Resources
Areas of Concern
- Getting Started
- Tutorials
- Best Practices
- OWASP Guidance and Tools
Articles & Projects
Security Guidance for Windows Communication Foundation
Security and Operational Guidance for .NET Applications
patterns & practices Security Engineering Index
patterns & practices Security Guidance for Applications Index
patterns & practices Security Guidance for .NET Framework 2.0
Authentication in ASP.NET: .NET Security Guidance
Online References
Patterns and Practices Security Wiki
MSDN Security Developer Center
Books and Publications
Writing Secure Code, Michael Howard and David LeBlanc
Microsoft Security Development Lifecycle 3.2
Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication, J.D. Meier, Alex Mackman, Michael Dunner, and Srinath Vasireddy
Improving Web Application Security: Threats and Countermeasures, J.D. Meier, Alex Mackman, Michael Dunner, Srinath Vasireddy, Ray Escamilla and Anandha Murukan
Developer Highway Code, Microsoft Corp, United Kingdom
Tools
Microsoft Threat Analysis & Modeling v2.1.2
Blogs & People
[http://blogs.msdn.com/shawnfa/default.aspx .NET Security Blog (Shawn Farkas)