Difference between revisions of "OWASP .NET Recommended Resources"

From OWASP
Jump to: navigation, search
(Added Resources)
 
Line 27: Line 27:
  
 
[http://www.troyhunt.com/ Troy Hunt's Blog]
 
[http://www.troyhunt.com/ Troy Hunt's Blog]
 +
 +
[https://www.preemptive.com/blog App Protection Blog]
  
 
===Advisories, Articles & Projects===
 
===Advisories, Articles & Projects===
Line 51: Line 53:
  
 
[http://www.microsoft.com/technet/security/advisory/954462.mspx Microsoft Security Advisory (954462) (SQL Injection Advisory)]
 
[http://www.microsoft.com/technet/security/advisory/954462.mspx Microsoft Security Advisory (954462) (SQL Injection Advisory)]
 +
 +
[https://www.microsoft.com/en-us/sdl Security Development Lifecycle]
  
 
===Online References, Training===
 
===Online References, Training===
Line 65: Line 69:
  
 
[http://www.teammentor.net/teamMentor TeamMentor]
 
[http://www.teammentor.net/teamMentor TeamMentor]
 +
 +
[https://docs.microsoft.com/en-us/dotnet/standard/security/ Security in the .NET Framework]
  
 
===Books and Publications===
 
===Books and Publications===
Line 91: Line 97:
  
 
[http://support.microsoft.com/kb/954476 MS Source Code Analyser for SQL Injection]
 
[http://support.microsoft.com/kb/954476 MS Source Code Analyser for SQL Injection]
 +
 +
[https://docs.microsoft.com/en-us/visualstudio/ide/dotfuscator/ Visual Studio .NET Obfuscator]

Latest revision as of 06:39, 11 May 2018

OWASP .NET Quick Reference

OWASP .NET Recommended Resources

This is a canonical list of outside resources for .NET developers seeking security information.

Blogs & People

Mark Curphrey's Blog

Michael Howard's Blog

J.D. Meier's Blog

Dominick Baier's Blog

Shawn Farkas' Blog

Microsoft's ACE Team

Troy Hunt's Blog

App Protection Blog

Advisories, Articles & Projects

Security and Operational Guidance for .NET Applications

ASP.NET Security Architecture

patterns & practices Security Engineering Index

patterns & practices Security Guidance for Applications Index

patterns & practices Security Guidance for .NET Framework 2.0

Authentication in ASP.NET: .NET Security Guidance

Security Engineering

Solutions to SOA Security

Web Service Specifications

Security Guidance for Windows Communication Foundation

Microsoft Security Advisory (954462) (SQL Injection Advisory)

Security Development Lifecycle

Online References, Training

Patterns and Practices

MSDN Security Developer Center

Microsoft Security Resources

Pluralsight Security Course Catalog

OWASP Top 10 for .NET developers - Troy Hunt

TeamMentor

Security in the .NET Framework

Books and Publications

Writing Secure Code, Michael Howard and David LeBlanc

Microsoft Security Development Lifecycle 3.2

Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication, J.D. Meier, Alex Mackman, Michael Dunner, and Srinath Vasireddy

Improving Web Application Security: Threats and Countermeasures, J.D. Meier, Alex Mackman, Michael Dunner, Srinath Vasireddy, Ray Escamilla and Anandha Murukan

Developer Highway Code, Microsoft Corp, United Kingdom

Security Driven .NET, Stan Drapkin

Tools

Microsoft Threat Modeling Tool 2014

Anti-Cross Site Scripting

URLScan

Microsoft Source Code Analyzer

MS Source Code Analyser for SQL Injection

Visual Studio .NET Obfuscator