Security resources that I worked on…

VOL 1: Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication. This guide containing 600+ pages of task-based, modular content about authentication, authorization, and secure communication is one of the most comprehensive prescriptive guidance on security across ASP.NET, Enterprise Services, Web Services, .NET Remoting and data access in the context of Intranet, Extranet, and Internet applications available.

·         Html Online: http://msdn.microsoft.com/ library/en-us/dnnetsec/html/secnetlpmsdn.asp

·         PDF: http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=055FF772-97FE-41B8-A58C-BF9C6593F25E

·         MS Press: http://www.microsoft.com/MSPress/books/6501.asp

VOL 2: Improving Web app security: Threats and Countermeasures. This guide is one of the most comprehensive guides on building “hack resilient” .NET applications available. The guide is used to secure the network, host and application (there's something for architects, developers, system administrators, testers, and security professional).   It's principle-based and threat focused.  Guidance is task-based and modular with tons of implementation steps.  Deep drill-down on each technology, Code Access Security, ASP.NET, Enterprise Services, Web Services, Remoting, and Data Access (ADO.NET/SQL Server), with threats and countermeasures are provided.  Also, includes checklists and How To.

·         Html Online: http://msdn.microsoft.com/library/en-us/dnnetsec/html/threatcounter.asp

·         PDF: http://microsoft.com/downloads/details.aspx?FamilyId=E9C4BFAA-AF88-4AA5-88D4-0DEA898C31B9&displaylang=en

Security WEB CASTS for your reference

·         http://www.microsoft.com/usa/webcast/ondemand/1239.asp

·         ASP.NET security design guidelines: http://www.microsoft.com/usa/webcasts/ondemand/2406.asp