Security

Security

This Pluralsight video provides an overview of security practices for an ASP.NET MVC application.

OWASP Top 10 for .NET developers

This series of blog posts by Troy Hunt describes the Open Web Application Security Project (OWASP) and covers the 10 most critical web application security risks.

Microsoft ASP.NET MVC Security with Haack and Hanselman

This video analyzes XSS, CSRT, and JSON hijacking.

Creating an Intranet Site

This tutorial describes how to create an intranet application using ASP.NET MVC and how to secure it using Windows authentication and authorization.

Using Forms Authentication

This walkthrough shows you the functionality that is provided by default for ASP.NET forms authentication in an ASP.NET MVC application.

Preventing Open Redirection Attacks (C#)

By Jon Galloway|December 28, 2010

This tutorial explains how you can prevent open redirection attacks in your ASP.NET MVC applications. This tutorial discusses the changes that have been made in the AccountController in ASP.NET MVC...

Securing your ASP.NET MVC 3 Application

In this blog post, Rick Anderson describes some security pitfalls for MVC applications and how to avoid them.

ASP.NET MVC Content Map

See "Securing ASP.NET MVC applications" in the ASP.NET MVC Content Map.

Security Extensibility in ASP.NET 4

This whitepaper covers the major ways in which security features in ASP.NET 4 can be customized, including: Encryption options and functionality in the <machineKey> element, interoperability of ASP.NET 4 forms authentication tickets with ASP.NET 2.0, configuration options to relax automatic security checks on inbound URLs, pluggable request validation, and pluggable encoding for HTML elements, HTML attributes, HTTP headers, and URLs