[prev in list] [next in list] [prev in thread] [next in thread]
List: webappsec
Subject: ANN: Improving Web Application Security: Threats and Countermeasures
From: "Anil John" <atj () CyberForge ! com>
Date: 2003-06-13 3:01:27
[Download RAW message or body]
Bake security into the application lifecycle. It's a comprehensive guide
for creating "hack resilient" apps. Use the guide to secure the network,
host and application (there's something for architects, devs, system
admins, testers, and security pros). It's principle-based and threat
focused. Guidance is task-based and modular with tons of implementation
steps. Deep drill-down on each technology, Code Access Security, ASP.NET,
Enterprise Services, Web Services, Remoting, and Data Access (ADO.NET/SQL
Server), with threats and countermeasures are provided. Also, includes
checklists and How Tos.
Key Problems Solved:
- Hosting multiple Web Apps securely
- Writing secure managed code
- Designing secure apps
- Using CAS from ASP.NET
- Preventing key security issues: Input validation, SQL injection,
Cross-Site Scripting
- Securing your developer workstation
- Securing your web server
- Securing your database server
- Locking down ASP.NET
- Performing security reviews on design, code, and deployment
Download @
http://msdn.microsoft.com/library/en-us/dnnetsec/html/threatcounter.asp
This is the second book in the .NET/Web Security Series from the
Microsoft Patterns and Practices Team. The first was "Building Secure
Microsoft ASP.NET Applications" which is available @
http://msdn.microsoft.com/library/en-us/dnnetsec/html/secnetlpMSDN.asp
- Anil
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic