Programmers: protect and defend your Web apps against attack!
You may know ASP.NET, but if you don't understand how to secure your applications, you need this book. This vital guide explores the often-overlooked topic of teaching programmers how to design ASP.NET Web applications so as to prevent online thefts and security breaches.
You'll start with a thorough look at ASP.NET 3.5 basics and see happens when you don't implement security, including some amazing examples. The book then delves into the development of a Web application, walking you through the vulnerable points at every phase. Learn to factor security in from the ground up, discover a wealth of tips and industry best practices, and explore code libraries and more resources provided by Microsoft and others.
Shows you step by step how to implement the very latest security techniques
Reveals the secrets of secret-keeping—encryption, hashing, and not leaking information to begin with
Delves into authentication, authorizing, and securing sessions
Explains how to secure Web servers and Web services, including WCF and ASMX
Walks you through threat modeling, so you can anticipate problems
Offers best practices, techniques, and industry trends you can put to use right away
Defend and secure your ASP.NET 3.5 framework Web sites with this must-have guide.