Geek Answers Handbook

Is there one resource on the Internet that lists all ASP.Net security issues (XSS, etc.) with preventative measures?

With so many ways to attack a site, it would be helpful if there was one guide or resource listing all known vunerabilties with possible preventive measures. Does anyone know anything?

Also, is there a library or infrastructure that can deal with such things?

+6
security c # web-applications xss
source share
3 answers

ASP.NET handles most of the security issues for you. Security is built into the structure. I would recommend reading some articles like these:

Find Google options for ASP.NET, security, tips, bugs, best practices. Basically, the best things to keep in mind are XSS, web.config, and SQL injection. You must also ensure that you are looking for CSRF vulnerabilities .

+4
source share

Check out the OWASP development guide at www.owasp.org. It is a bit dated (2005), but it contains information about many of the security issues associated with web applications.

I do not know any library or structure to solve this problem. It really depends on what technologies and applications you use.

+1
source share

There's a book that really covers the foundation of ASP.NET, I highly recommend. It is not comprehensive anymore because it is a couple of years old and therefore does not cover newer things like IIS7, ASP.NET AJAX and so on. But I still recommend it, because for all the basic things, it is really very good.

He called Microsoft Press Web Application Security Improvement , ISBN 978-0735618428. all text is posted on MSDN here .

a dead tree version and an ebook version are also available.

+1
source share

More articles:


All Articles