This Guide presents a set of consolidated practices designed to address ASP.NET version 2.0 security issues. The practices are organized by various categories that represent those areas where mistakes are most often made.
Check out the videos here: http://lab.msdn.microsoft.com/express/learnvwd/
|Looks at some of the common conversion issues developers may face when upgrading from ASP.NET 1.x to 2.0 and how to avoid and/or fix those issues HERE.|
This guidance presents the patterns & practices approach to creating threat models for Web applications. Threat modeling is an engineering technique you can use to help you identify threats, attacks, vulnerabilities, and countermeasures that could affect your application. You can use threat modeling to shape your application’s design, meet your company’s security objectives, and reduce risk.