Improving Web Application Security: Threats and Countermeasures

From Mynoteswiki.com

Summary

This guide gives you a solid foundation for designing, building, and configuring secure ASP.NET Web applications. Whether you have existing applications or are building new ones, you can apply the guidance to help you make sure that your Web applications are hack-resilient.

Contents At a Glance

Parts

  • Part I, Introduction to Threats and Countermeasures
  • Part II, Designing Secure Web Applications
  • Part III, Building Secure Web Applications
  • Part IV, Securing Your Network, Host and Application
  • Part V, Assessing Your Security

Chapters

  • Foreword by Mark Curphey
  • Foreword by Joel Scambray
  • Foreword by Erik Olson
  • Foreword by Michael Howard
  • Introduction
  • Solutions at a Glance
  • Fast Track
  • Chapter 1, Web Application Security Fundamentals
  • Chapter 2, Threats and Countermeasures
  • Chapter 3, Threat Modeling
  • Chapter 4, Design Guidelines for Secure Web Applications
  • Chapter 5, Architecture and Design Review
  • Chapter 6, .NET Security Fundamentals
  • Chapter 7, Building Secure Assemblies
  • Chapter 8, Code Access Security in Practice
  • Chapter 9, Using Code Access Security with ASP.NET
  • Chapter 10, Building Secure ASP.NET Pages and Controls
  • Chapter 11, Building Secure Serviced Components
  • Chapter 12, Building Secure Web Services
  • Chapter 13, Building Secure Remoted Components
  • Chapter 14, Building Secure Data Access
  • Chapter 15, Securing Your Network
  • Chapter 16, Securing Your Web Server
  • Chapter 17, Securing Your Application Server
  • Chapter 18, Securing Your Database Server
  • Chapter 19, Securing Your ASP.NET Application and Web Services
  • Chapter 20, Hosting Multiple ASP.NET Applications
  • Chapter 21, Code Review
  • Chapter 22, Deployment Review

Checklists

  • Checklist: Architecture and Design Review
  • Checklist: Security Review for Managed Code
  • Checklist: Securing ASP.NET
  • Checklist: Securing Enterprise Services
  • Checklist: Securing Web Services
  • Checklist: Securing Remoting
  • Checklist: Securing Data Access
  • Checklist: Securing Your Network
  • Checklist: Securing Your Web Server
  • Checklist: Securing Your Database Server

How Tos

  • How To: Implement Patch Management
  • How To: Harden the TCP/IP Stack
  • How To: Secure Your Developer Workstation
  • How To: Use IPSec for Filtering Ports and Authentication
  • How To: Use IISLockdown.exe
  • How To: Use the Microsoft Baseline Security Analyzer
  • How To: Use URLScan
  • How To: Create a Custom Encryption Permission
  • How To: Use Code Access Security Policy to Constrain an Assembly