| This unique book walks you through the many threats to your web application code, from managing and authorizing users and encrypting private data to filtering user input and securing XML. For every defined threat, it provides a menu of solutions and coding considerations. And, it offers coding examples and a set of security policies for each of the corresponding threats.
Know the threats to your applications:
- Develop secure password policies and securely manage user passwords in your web application.
- Establish a secure procedure for resetting lost or forgotten passwords and discover how to properly use secret questions in that process.
- Securely authenticate and authorize users, taking advantage of the advanced capabilities in ASP.NET.
- Limit exposure to credential harvesting and brute force password attacks.
- Securely manage user sessions and learn how to create strong user authentication tokens.
- Work with the built-in state providers and securely implement view state in your forms.
- Make sense of the extensive encryption features in ASP.NET and employ symmetric and asymmetric encryption for sensitive data.
- Properly encrypt and store secrets to the registry, a file, or the protected store.
- Filter user input to prevent from SQL injection, directory traversal, cross-site scripting and other application-level attacks.
- Apply techniques such as pattern matching and data reflecting to control exposure to malicious input attacks.
- Configure honey drops to detect attacks on your web application.
- Configure IIS and ASP.NET to constrain buffer overflow, denial of service, and other attacks.
- Write secure database access code.
- Secure databases and database drivers.
- Construct secure HTML markup to limit exposure to cross-site scripting and cross-site request forgery attacks.
- Use structured error handling to prevent failure conditions that open holes or reveal sensitive information.
- Integrate XML encryption and apply XML digital signatures.
|
|
|
Immunopharmacology of Platelets (Handbook of Immunopharmacology)
Although anucleated, blood platelets are extraordinarily
efficient cells and still the subject of fruitful investigations
in haematology, in vascular physiology, in biochemistry,
and more recently in immunology and in physiopathology
where their metabolism has been implicated
as a source of potential effector compounds. It... | | The Fly-Tying Bible: 100 Deadly Trout and Salmon Flies in Step-by-Step PhotographsAvid sport fishermen will treasure this book?which is nearly as beautiful as the objects it describes. Fly-tying is a highly prized fisherman?s craft, but it?s also an art form, wonderfully captured in this volume?s hundreds of color photos. Each of 100 fly patterns is presented in a two-page spread: an enlarged photo and textual description on the... | | Innovate the Future: A Radical New Approach to IT Innovation
A Proven, Step-by-Step Method for Consistently Creating Revolutionary Products, Services, and Processes
When it comes to entering, creating, or dominating markets, disruptive innovation is the most powerful tool you have. Unfortunately, most companies find... |
|