You may know ASP.NET, but if you don't understand how to secure your applications, you need this book. This vital guide explores the often-overlooked topic of teaching programmers how to design ASP.NET Web applications so as to prevent online thefts and security breaches.
You'll start with a thorough look at ASP.NET 3.5 basics and see happens when you don't implement security, including some amazing examples. The book then delves into the development of a Web application, walking you through the vulnerable points at every phase. Learn to factor security in from the ground up, discover a wealth of tips and industry best practices, and explore code libraries and more resources provided by Microsoft and others.
- Shows you step by step how to implement the very latest security techniques
- Reveals the secrets of secret-keeping—encryption, hashing, and not leaking information to begin with
- Delves into authentication, authorizing, and securing sessions
- Explains how to secure Web servers and Web services, including WCF and ASMX
- Walks you through threat modeling, so you can anticipate problems
- Offers best practices, techniques, and industry trends you can put to use right away
Defend and secure your ASP.NET 3.5 framework Web sites with this must-have guide.