I love this whitepaper summary (posted by Anil John).  There's enough hyphens for everyone on your team :-).  Alex must have written this one.  Cheers Alex!  I've been waiting for a Web security whitepaper of this depth and breadth.  Happy weekend reading.

Improving Web Application Security: Threats and Countermeasures

"Bake security into the application lifecycle. It's a comprehensive guide for creating "hack resilient" apps. Use the guide to secure the network, host and application (there's something for architects, devs, system admins, testers, and security pros). It's principle-based and threat focused. Guidance is task-based and modular with tons of implementation steps. Deep drill-down on each technology, Code Access Security, ASP.NET, Enterprise Services, Web Services, Remoting, and Data Access (ADO.NET/SQL Server), with threats and countermeasures are provided. Also, includes checklists and How Tos."

This posting is provided "AS IS" with no warranties, and confers no rights. Microsoft kann für die Richtigkeit und Vollständigkeit der Inhalte in dieser Newsgroup keine Haftung übernehmen. Este mensaje se proporciona "como está" sin garantías de ninguna clase, y no otorga ningún derecho.
הודעה זו מסופקת "כפי שהיא" ללא כל אחריות או חיובים, ואינה נותנת לך זכויות כלשה.