ASP.NET 2.0 Security Guidance
I just saw an email from JD via Brian that provided a single list of all the ASP.NET 2.0 Security Guidance work they've produced in recent months...it's an impressive list which I thought was valuable to share:
Key Recommendations/Guidelines:
ASP.NET 2.0 Security Guidelines:
https://msdn.microsoft.com/library/en-us/dnpag2/html/PAGGuidelines0001.asp
ASP.NET 2.0 Security Checklist:
https://msdn.microsoft.com/library/en-us/dnpag2/html/PAGCK0001.asp
ASP.NET 2.0 Security Practices at a Glance:
https://msdn.microsoft.com/library/en-us/dnpag2/html/PAGPractices0001.asp
How Things Work:
Forms Authentication Explained:
https://msdn.microsoft.com/library/en-us/dnpag2/html/PAGExplained0002.asp
Windows Authentication Explained:
https://msdn.microsoft.com/library/en-us/dnpag2/html/PAGExplained0001.asp
Security Engineering
Web Application Security Engineering:
Includes threat modeling web applications, security design review, security code review, and security deployment review.
Home: https://msdn.microsoft.com/library/en-us/dnpag2/html/WebAppSecurityEngIndex.asp
ASP.NET 2.0 Security Code Review:
How To:
https://msdn.microsoft.com/library/en-us/dnpag2/html/PAGHT000027.asp
ASP.NET 2.0 Question List:
https://msdn.microsoft.com/library/en-us/dnpag2/html/PAGQuestionList0001.asp
Cheat Sheets
Cheat Sheet: Web Application Security Threats, Attacks, Vulnerablities, and Countermeasures:
https://msdn.microsoft.com/library/en-us/dnpag2/html/PAGQuestionList0001.asp
Index of ASP.NET 2.0 Security Guidance
ASP.NET 2.0 Security Guidance View:
https://msdn.microsoft.com/library/en-us/dnpag2/html/ASPNET2SecurityGuidanceIndex.asp
-Darryl