WebApp Sec mailing list archives
ANN: Improving Web Application Security: Threats and Countermeasures
From: "Anil John" <atj () CyberForge com>
Date: Thu, 12 Jun 2003 22:01:27 -0500
Bake security into the application lifecycle. It's a comprehensive guide for creating "hack resilient" apps. Use the guide to secure the network, host and application (there's something for architects, devs, system admins, testers, and security pros). It's principle-based and threat focused. Guidance is task-based and modular with tons of implementation steps. Deep drill-down on each technology: Code Access Security, ASP.NET, Enterprise Services, Web Services, Remoting, and Data Access (ADO.NET/SQL Server), with threats and countermeasures provided. Also, includes checklists and How Tos.

Key Problems Solved:
- Hosting multiple Web Apps securely
- Writing secure managed code
- Designing secure apps
- Using CAS from ASP.NET
- Preventing key security issues: Input validation, SQL injection, Cross-Site Scripting
- Securing your developer workstation
- Securing your web server
- Securing your database server
- Locking down ASP.NET
- Performing security reviews on design, code, and deployment

Download @ http://msdn.microsoft.com/library/en-us/dnnetsec/html/threatcounter.asp

This is the second book in the .NET/Web Security Series from the Microsoft Patterns and Practices Team. The first was "Building Secure Microsoft ASP.NET Applications" which is available @ http://msdn.microsoft.com/library/en-us/dnnetsec/html/secnetlpMSDN.asp

- Anil