Improving Web Application Security: Threats and Countermeasures

["Michael Howard" <mikehow () microsoft com>]

Microsoft is pleased to announce the release of _Improving Web
Application Security: Threats and Countermeasures_

This guide helps you build hack-resilient applications. A hack-resilient
application is one that reduces the likelihood of a successful attack
and mitigates the extent of damage if an attack occurs. A hack-resilient
application resides on a secure host in a secure network and is
developed using secure design and development guidelines.

Web application security must be addressed across the tiers and at
multiple layers. A weakness in any tier or layer makes your application
vulnerable to attack. Figure 1 shows the scope of the guide and the
three-layered approach that it uses: securing the network, securing the
host, and securing the application. It also shows the process called
threat modeling, which provides a structure and rationale for the
security process and allows you to evaluate security threats and
identify appropriate countermeasures. 

If you do not know your threats, how can you secure your system?

The guide is divided into five parts.

Part I, Introduction to Threats and Countermeasures
This part identifies and illustrates the various threats facing the
network, host, and application layers. By using the threat modeling
process, you can identify the threats that are relevant to your
application. This sets the stage for identifying effective
countermeasures. This part includes:

        Foreword by Mark Curphey 
        Foreword by Joel Scambray 
        Foreword by Erik Olson 
        Introduction 
        Solutions at a Glance 
        Fast track 
        Chapter 1, Web Application Security Fundamentals 
        Chapter 2, Threats and Countermeasures 
        Chapter 3, Threat Modeling 

Part II, Designing Secure Web Applications
This part provides the guidance you need to design your Web applications
securely. Even if you have an existing application, you should review
this section and then revisit the concepts, principles, and techniques
that you used during your application design. This part includes: 

        Chapter 4, Design Guidelines for Secure Web Applications 
        Chapter 5, Architecture and Design Review 

Part III, Building Secure Web Applications
This part helps you to apply the secure design practices and principles
covered in the previous part to create a solid and secure
implementation. You'll learn defensive coding techniques that make your
code and application resilient to attack. Chapter 6 presents an overview
of the .NET Framework security landscape so that you are aware of the
numerous defensive options and tools that are at your disposal. Part III
includes: 

        Chapter 6, .NET Security Fundamentals 
        Chapter 7, Building Secure Assemblies 
        Chapter 8, Code Access Security in Practice 
        Chapter 9, Using Code Access Security with ASP.NET 
        Chapter 10, Building Secure ASP.NET Pages and Controls 
        Chapter 11, Building Secure Serviced Components 
        Chapter 12, Building Secure Web Services 
        Chapter 13, Building Secure Remoted Components 
        Chapter 14, Building Secure Data Access 

Part IV, Securing Your Network, Host and Application
This part shows you how to apply security configuration settings to
secure the interrelated network, host, and application levels. Rather
than applying security randomly, you'll learn the reasons for the
security recommendations. Part IV includes:

        Chapter 15, Securing Your Network 
        Chapter 16, Securing Your Web Server 
        Chapter 17, Securing Your Application Server 
        Chapter 18, Securing Your Database Server 
        Chapter 19, Securing Your ASP.NET Application and Web Services 
        Chapter 20, Hosting Multiple ASP.NET Applications 

Part V: Assessing Your Security
This part provides you with the tools you need to evaluate the success
of your security efforts. It shows you how to evaluate your code and
design and also how to review your deployed application, to identify
potential vulnerabilities: 

        Chapter 21, Code Review 
        Chapter 22, Deployment Review 


Finally, there are two extra sections, Checklists and and How-to
Articles:

        Checklist: Architecture and Design Review 
        Checklist: Security Review for Managed Code 
        Checklist: Securing ASP.NET 
        Checklist: Securing Enterprise Services 
        Checklist: Securing Web Services 
        Checklist: Securing Remoting 
        Checklist: Securing Data Access 
        Checklist: Securing Your Network 
        Checklist: Securing Your Web Server 
        Checklist: Securing Your Database Server 
        How To: Implement Patch Management 
        How To: Harden the TCP/IP Stack 
        How To: Secure Your Developer Workstation 
        How To: Use IPSec for Filtering Ports and Authentication 
        How To: Use IISLockdown.exe 
        How To: Use the Microsoft Baseline Security Analyzer 
        How To: Use URLScan 
        How To: Create a Custom Encryption Permission 
        How To: Use Code Access Security Policy to Constrain an Assembly


This _patterns and practice_ guide is available at:

http://msdn.microsoft.com/library/en-us/dnnetsec/html/ThreatCounter.asp 
(note, this link may wrap in some email clients)

Cheers, Michael
Writing Secure Code 2nd Edition 
http://www.microsoft.com/mspress/books/5957.asp