Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am working on a consumer facing web application built on .Net/C# MSSQL as the databse
We have been following general good coding practices to prevent bugs and SQL/JS query injections but non of us are experts on security.
What would be a good checklist to find out how really secure is the application we are building.
I’m not sure what was meant by a checklist, since it could related to development (to help developers write less bugs), code review (to catch bugs in review) or testing (to ensure that all facets of the vulnerability are tested for).
OWASP does have guides to support all the three needs –
And then to top it off, you could always refer to the OWASP Top 10 list, to establish priorities on the vulnerabilities that you would like to concentrate most of your efforts on.
As Mark mentioned, the OWASP .NET project will be useful.