Security Engineering Explained and Security Deployment Review for ASP.NET 2.0 are now available on MSDN
We just released patterns & practices Security Engineering Explained and How To: Perform a Security Deployment Review for ASP.NET 2.0 on MSDN.
The Security Engineering Explained PDF builds on the guidance from Improving Web Application Security: Threats and Countermeasures. The PDF contains the following chapters:
-
Introduction
-
Chapter 1, Security Engineering Approach
-
Chapter 2, Security Objectives
-
Chapter 3, Security Design Guidelines
-
Chapter 4, Threat Modeling
-
Chapter 5, Security Architecture and Design Review
-
Chapter 6, Security Code Review
-
Chapter 7, Security Deployment Review
The How To: Perform a Security Deployment Review for ASP.NET 2.0 shows you how to perform a security deployment review for an ASP.NET 2.0 application and how to identify potential security vulnerabilities introduced by inappropriate configuration settings.
