Which books we recommend for learning how to create secure websites in ASP.NET.

  1. Beginning ASP.NET Security

    by Barry Dorrans. You may know ASP.NET, but if you don't understand how to secure your applications, you need this book. This vital guide explores the often-overlooked topic of teaching programmers how to design ASP.NET Web applications so as to prevent online thefts and security breaches.

  2. 24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them

    by Michael Howard, David LeBlanc, John Viega. Fully updated to cover the latest security issues, 24 Deadly Sins of Software Security reveals the most common design and coding errors and explains how to fix each one-or better yet, avoid them from the start. Michael Howard and David LeBlanc, who teach Microsoft employees and the world how to secure code, have partnered again with John Viega, who uncovered the original 19 deadly programming sins. They have completely revised the book to address the most recent vulnerabilities and have added five brand-new sins.

  3. Web Security Testing Cookbook: Systematic Techniques to Find Problems Fast

    by Paco Hope, Ben Walther. Among the tests you perform on web applications, security testing is perhaps the most important, yet it's often the most neglected. The recipes in the Web Security Testing Cookbook demonstrate how developers and testers can check for the most common web security issues, while conducting unit tests, regression tests, or exploratory tests. Unlike ad hoc security assessments, these recipes are repeatable, concise, and systematic-perfect for integrating into your regular test suite.

  4. Security Driven .NET

    by Stan Drapkin. This e-book addresses many widespread security knowledge gaps and provides practical guidance & code samples. It is intended for architects, developers, and other information technology professionals who design and build security components/layers of .NET solutions.


Microsoft's Jon Galloway recommends these books for learning ASP.NET MVC:



by Adam Freeman

Professional ASP.NET MVC 4

Professional ASP.NET MVC 4

by Jon Galloway, Phil Haack, Brad Wilson, K. Scott Allen