Via Scott -- the new whitepaper available here, from the good folks at patterns and practices, presents a set of consolidated practices designed to address ASP.NET 2.0 security.

Topics include Auditing and Logging, Authentication, Authorization, Code Access Security, Configuration, Data Access, Exception Management, Impersonation and Delegation, Input and Data Validation, Secure Communication, and Sensitive Data.

--Darryl