ASP.NET 2.0 Security Guidance

  • Article

I just saw an email from JD via Brian that provided a single list of all the ASP.NET 2.0 Security Guidance work they've produced in recent months...it's an impressive list which I thought was valuable to share:

Key Recommendations/Guidelines:

ASP.NET 2.0 Security Guidelines:
https://msdn.microsoft.com/library/en-us/dnpag2/html/PAGGuidelines0001.asp
ASP.NET 2.0 Security Checklist:
https://msdn.microsoft.com/library/en-us/dnpag2/html/PAGCK0001.asp
ASP.NET 2.0 Security Practices at a Glance:
https://msdn.microsoft.com/library/en-us/dnpag2/html/PAGPractices0001.asp

How Things Work:

Forms Authentication Explained:
https://msdn.microsoft.com/library/en-us/dnpag2/html/PAGExplained0002.asp
Windows Authentication Explained:
https://msdn.microsoft.com/library/en-us/dnpag2/html/PAGExplained0001.asp

Security Engineering
Web Application Security Engineering:
Includes threat modeling web applications, security design review, security code review, and security deployment review.
Home: https://msdn.microsoft.com/library/en-us/dnpag2/html/WebAppSecurityEngIndex.asp 

ASP.NET 2.0 Security Code Review:

How To:
https://msdn.microsoft.com/library/en-us/dnpag2/html/PAGHT000027.asp
ASP.NET 2.0 Question List:
https://msdn.microsoft.com/library/en-us/dnpag2/html/PAGQuestionList0001.asp

Cheat Sheets

Cheat Sheet: Web Application Security Threats, Attacks, Vulnerablities, and Countermeasures:
https://msdn.microsoft.com/library/en-us/dnpag2/html/PAGQuestionList0001.asp

Index of ASP.NET 2.0 Security Guidance

ASP.NET 2.0 Security Guidance View:
https://msdn.microsoft.com/library/en-us/dnpag2/html/ASPNET2SecurityGuidanceIndex.asp

-Darryl