Beginning ASP.NET Security

6h 41m
Barry Dorrans
John Wiley & Sons (US)
2010

A practical guide to securing ASP.NET sites

Beginning ASP.NET Security is for novice to intermediate ASP.NET programmers and provides a step-by-step solution to securing each area of ASP.NET development. Rather than approaching security from a theoretical direction, MVP Barry Dorrans shows you examples of how everyday code can be attacked, and describes the steps necessary for defense. Inside, you'll learn how you can defend your ASP.NET applications using the .NET framework, industry patterns and best practices, code libraries and resources provided by Microsoft and others.

Beginning ASP.NET Security:

Explores issues with user input including validation, cross-site scripting (XSS) and cross-site request forgery (CSRF)
Teaches how to securely access your database and defend against SQL injection attacks
Shares techniques for keeping secrets, including encryption, hashing and preventing information leaks
Examines methods for authenticating and authorizing users, including ASP.NET membership providers and preventing cookie theft
Shares tips for securing your web server, including how ASP.NET uses trust levels and locking down IIS
Unveils ways to securely use WCF web services
Presents security with the Microsoft ASP.NET Ajax framework and Silverlight
Includes an overview of security with the Microsoft MVC framework

About the Author

Barry Dorrans is a consultant, speaker and Microsoft MVP in the "Visual Tools – Security" category. His approach to development and writing blends humor with the paranoia suitable for considering security.

In this Book

Introduction
Why Web Security Matters
How the Web Works
Safely Accepting User Input
Using Query Strings, Form Fields, Events, and Browser Information
Controlling Information
Keeping Secrets Secret—Hashing and Encryption
Adding Usernames and Passwords
Securely Accessing Databases
Using the File System
Securing XML
Sharing Data with Windows Communication Foundation
Securing Rich Internet Applications
Understanding Code Access Security
Securing Internet Information Server (IIS)
Third-Party Authentication
Secure Development with the ASP.NET MVC Framework

FREE ACCESS

Book Advanced ASP.NET Core 3 Security: Understanding Hacks, Attacks, and Vulnerabilities to Secure Your Website

Book The Definitive Guide to Security in Jakarta EE: Securing Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More

Journey Web App Vulnerability Analyst

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Not included: Compliance, Leadership Development Program content, and Engineering books

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

IT Skills & Salary Report

ESG Impact Report

Beginning ASP.NET Security

In this Book

YOU MIGHT ALSO LIKE