Difference between revisions of ".NET Security for Developers"

From OWASP
Jump to: navigation, search
(Areas of Concern)
(improved formatting, updated links)
 
(19 intermediate revisions by one user not shown)
Line 1: Line 1:
==.NET Security for Developers==
+
==Summary==
 
Developers are responsible for creating secure, trustworthy web applications and services.  This section is to provide tools and guidance for the .NET Developer.
 
Developers are responsible for creating secure, trustworthy web applications and services.  This section is to provide tools and guidance for the .NET Developer.
  
===Areas of Concern===
+
==Areas of Concern==
*Secure Coding
+
* [[Secure Development Lifecycle]]
 +
** Overview
 +
** Checklists
 +
** Tools
  
*Confidentiality, Integrity and Availability in Practice
+
* [[.NET Secure Coding | .NET Secure Coding]]
 +
** Partial Trust
 +
** Cross Platform
  
*Security Features
+
* [[.NET CIA | Confidentiality, Integrity and Availability in Practice]]
Authentication Best Practices
+
** Cryptography
 +
** Debugging and Instrumentation
 +
** Adaptive Web Applications and failing gracefully
  
Authorization
+
* [[.NET Security Features | .NET Security Features (by Version)]]
 +
** Authentication Best Practices
 +
** Authorization
 +
** Security Demands
  
Security Demands
+
* [[.NET Unit and Integration Testing | Unit and Integration Testing]]
 +
** Test First (TDD) and Design Patterns
 +
** Fuzzing
  
*Unit Testing
+
* .NET Web Technologies
 +
** [[ASP.NET_WebForms | ASP.NET WebForms]]
 +
** [[ASP.NET_MVC | ASP.NET Model View Controller]]
 +
** [[SilverLight | Silverlight]]
 +
** [[WSS | SharePoint (WSS)]]
 +
** [[WCF Security Best Practices | Windows Communications Foundation Security Best Practices]]
  
===Articles===
+
==Articles & Projects==
[http://msdn2.microsoft.com/en-us/security/bb896640.aspx "How Do I?" Microsoft Security Videos]
+
[http://msdn.microsoft.com/security/bb896640.aspx "How Do I?" Microsoft Security Videos]
  
 +
==Community Contributions==
 +
[http://keepitlocked.net/archive/2008/04/11/developing-asp-net-in-partial-trust.aspx Developing ASP.NET in Partial Trust]
  
===References===
+
==References==
 +
[http://go.microsoft.com/?linkid=8685076 Microsoft Security Development Lifecycle 3.2]
  
 
+
==Tools==
===Tools===
+
[[Source_Code_Analysis_Tools | Source Code Analysis Tools]]

Latest revision as of 23:14, 31 August 2008

Contents

Summary

Developers are responsible for creating secure, trustworthy web applications and services. This section is to provide tools and guidance for the .NET Developer.

Areas of Concern

Articles & Projects

"How Do I?" Microsoft Security Videos

Community Contributions

Developing ASP.NET in Partial Trust

References

Microsoft Security Development Lifecycle 3.2

Tools

Source Code Analysis Tools