Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am on a project that involves processing financial information, and so I need to write secure asp.net pages using C# 2008 (https etc)
Can anyone recomment any tutorials then can help me understand more about writing secure asp.net apps?
Thanks
There’s a whole book on this topic, Dominick Baier’s Developing More-Secure Microsoft ASP.NET 2.0 Applications. It is outstanding, and has a ton of features and techniques that you won’t find anywhere else, at least not without a lot of digging. I’ve used this book for web security design on two projects, and I highly recommend it.
EDIT TO ADD: Second recommendation, Writing Secure Code: Practical Strategies and Proven Techniques for Building Secure Applications in a Networked World. While much of the code in this book is about unmanaged code, the sections on understanding good security development practices, threat modeling, etc., really tell you what you need to be thinking about as you design and evaluate your web site’s security issues.