Difference between revisions of ".NET Security for Developers"

From OWASP
Jump to: navigation, search
(References)
(improved formatting, updated links)
 
(8 intermediate revisions by one user not shown)
Line 1: Line 1:
==.NET Security for Developers==
+
==Summary==
 
Developers are responsible for creating secure, trustworthy web applications and services.  This section is to provide tools and guidance for the .NET Developer.
 
Developers are responsible for creating secure, trustworthy web applications and services.  This section is to provide tools and guidance for the .NET Developer.
  
===Areas of Concern===
+
==Areas of Concern==
*Secure Coding
+
* [[Secure Development Lifecycle]]
**Partial Trust
+
** Overview
**Cross Platform
+
** Checklists
 +
** Tools
  
*Confidentiality, Integrity and Availability in Practice
+
* [[.NET Secure Coding | .NET Secure Coding]]
**Cryptography
+
** Partial Trust
**Debugging and Instrumentation
+
** Cross Platform
**Adaptive Web Applications and failing gracefully
+
  
*Security Features
+
* [[.NET CIA | Confidentiality, Integrity and Availability in Practice]]
**Authentication Best Practices
+
** Cryptography
**Authorization
+
** Debugging and Instrumentation
**Security Demands
+
** Adaptive Web Applications and failing gracefully
  
*Unit Testing
+
* [[.NET Security Features | .NET Security Features (by Version)]]
**Test First (TDD) and Design Patterns
+
** Authentication Best Practices
**Fuzzing
+
** Authorization
 +
** Security Demands
  
*.NET Web Technologies
+
* [[.NET Unit and Integration Testing | Unit and Integration Testing]]
**[http://www.owasp.org/index.php/ASP.NET_WebForms ASP.NET WebForms]
+
** Test First (TDD) and Design Patterns
**[http://www.owasp.org/index.php/ASP.NET_MVC ASP.NET Model View Controller]
+
** Fuzzing
**[http://www.owasp.org/index.php/SilverLight Silverlight]
+
**[http://www.owasp.org/index.php/WSS Sharepoint]
+
  
===Articles===
+
* .NET Web Technologies
[http://msdn2.microsoft.com/en-us/security/bb896640.aspx "How Do I?" Microsoft Security Videos]
+
** [[ASP.NET_WebForms | ASP.NET WebForms]]
 +
** [[ASP.NET_MVC | ASP.NET Model View Controller]]
 +
** [[SilverLight | Silverlight]]
 +
** [[WSS | SharePoint (WSS)]]
 +
** [[WCF Security Best Practices | Windows Communications Foundation Security Best Practices]]
  
===Community Contributions===
+
==Articles & Projects==
 +
[http://msdn.microsoft.com/security/bb896640.aspx "How Do I?" Microsoft Security Videos]
 +
 
 +
==Community Contributions==
 
[http://keepitlocked.net/archive/2008/04/11/developing-asp-net-in-partial-trust.aspx Developing ASP.NET in Partial Trust]
 
[http://keepitlocked.net/archive/2008/04/11/developing-asp-net-in-partial-trust.aspx Developing ASP.NET in Partial Trust]
  
===References===
+
==References==
[http://www.microsoft.com/downloads/details.aspx?familyid=2412c443-27f6-4aac-9883-f55ba5b01814&displaylang=en&Hash=4fZb2FzZ7%2bmaj0VqoUbFZzzw0WW5%2bxWjK3XBVit5eX%2b%2bB90vmLtZlAstlNg9cRu6Pg%2b50DNCMhGT6ADei7DgFg%3d%3d Microsoft Security Development Lifecycle 3.2]
+
[http://go.microsoft.com/?linkid=8685076 Microsoft Security Development Lifecycle 3.2]
  
===Tools===
+
==Tools==
[http://www.owasp.org/index.php/Source_Code_Audit_Tools Source Code Analysis Tools]
+
[[Source_Code_Analysis_Tools | Source Code Analysis Tools]]

Latest revision as of 23:14, 31 August 2008

Contents

Summary

Developers are responsible for creating secure, trustworthy web applications and services. This section is to provide tools and guidance for the .NET Developer.

Areas of Concern

Articles & Projects

"How Do I?" Microsoft Security Videos

Community Contributions

Developing ASP.NET in Partial Trust

References

Microsoft Security Development Lifecycle 3.2

Tools

Source Code Analysis Tools