Sign In
Home
Recent
Media
Videos
Podcasts
Screencasts
Shows
ARCast.TV
The HPC Show
This Week On Channel 9
See All Shows...
Forums
Coffeehouse
Tech Off
Feedback
Sandbox
Wiki
Search
About
Subscribe
securityengineering
Cancel
Save
Edit
Return to
HomePage
patterns & practices Security Engineering
Approach
patterns & practices Security Engineering includes specific security related activities.
http://msdn2.microsoft.com/en-us/library/ms998404.securityinlifcycle(en-us,MSDN.10).gif
These include identifying security objectives, creating threat models, applying secure design guidelines, patterns and principles, conducting architecture and design reviews for security, performing regular code reviews for security, testing for security, and conducting deployment reviews to ensure secure configuration.
Overview
*
Security Engineering Overview
Threat Modeling
*
How To: Create a Threat Model for a Web Application at Design Time
Security Design Guidelines
*
Web Application Security Design Guidelines
(on MSDN)
.NET 1.1
*
.NET Framework 1.1 Security Guidelines
(On MSDN)
*
ADO.NET 1.1 Security Guidelines
(On MSDN)
*
ASP.NET 1.1 Security Guidelines
(On MSDN)
*
Code Access Security (.NET 1.1) Security Guidelines
(On MSDN)
*
Enterprise Services (.NET 1.1) Security Guidelines
(On MSDN)
*
Remoting (.NET 1.1) Security Guidelines
(On MSDN)
*
Web Services (.NET 1.1) Security Guidelines
(On MSDN)
.NET Framework 2.0
*
.NET Framework 2.0 Security Guidelines
(On MSDN)
*
ADO.NET 2.0 Security Guidelines
(On MSDN)
*
ASP.NET 2.0 Security Guidelines
(On MSDN)
Security Design Inspection
*
Web Application Security Design Inspection
Security Testing
*
Security Testing
Security Code Inspection
Baseline Activity:
*
How To: Perform Security Code Review for Managed Code (Baseline Activity)
(On MSDN)
.NET 1.1
*
.NET Framework 1.1 Security Code Review
*
ADO.NET 1.1 Security Code Review
*
ASP.NET 1.1 Security Code Review
*
Code Access Security (.NET 1.1) Security Code Review
*
Enterprise Services (.NET 1.1) Security Code Review
*
Remoting (.NET 1.1) Security Code Review
*
Unmanaged Code (.NET 1.1) Security Code Review
*
Web Services (.NET 1.1) Security Code Review
Special case:
*
Buffer Overflow (Managed Code) Security Code Review
*
Cross-Site Scripting Code Review
*
SQL Injection Code Review
Security Deployment Inspection
Application:
*
ASP.NET 1.1 Security Deployment Review
*
How To: Perform a Security Deployment Review for ASP.NET 2.0
Web Server:
*
IIS 5 Security Deployment Review
Database Server:
*
SQL Server 2000 Security Deployment Review
Network:
*
Network Security Deployment Review
Checklists
*
Application Security Design Checklist
.NET 1.1
*
.NET 1.1 Security Checklist
*
ADO.NET 1.1 Security Checklist
*
ASP.NET 1.1 Security Checklist
*
Code Access Security (.NET 1.1) Security Checklist
*
Enterprise Services (.NET 1.1) Security Checklist
*
Remoting (.NET 1.1) Security Checklist
*
Web Services (.NET 1.1) Security Checklist
Deployment:
*
IIS 5 Security Checklist
*
Network Security Checklist
*
SQL Server 2000 Security Checklist
Additional Resources
* Security Guidance Share:
http://www.SecurityGuidanceShare.com
Return to
HomePage
Return to %5bHomePage%5d ---- %21%21 patterns %26 practices Security Engineering %21%21 Approach patterns %26 practices Security Engineering includes specific security related activities. http%3a//msdn2.microsoft.com/en-us/library/ms998404.securityinlifcycle%28en-us%2cMSDN.10%29.gif These include identifying security objectives%2c creating threat models%2c applying secure design guidelines%2c patterns and principles%2c conducting architecture and design reviews for security%2c performing regular code reviews for security%2c testing for security%2c and conducting deployment reviews to ensure secure configuration. %21%21 Overview * %5bSecurity Engineering Overview%7cSecurityEngineeringOverview%5d %21%21 Threat Modeling * %5bHow To%3a Create a Threat Model for a Web Application at Design Time%7cHowToThreatModelWebAppAtDesign%5d %21%21 Security Design Guidelines * %5bWeb Application Security Design Guidelines%7cWebAppSecurityDesignGuidelines%5d %28on MSDN%29 .NET 1.1 * %5b.NET Framework 1.1 Security Guidelines%7cManagedCodeSecurityGuidelines%5d %28On MSDN%29 * %5bADO.NET 1.1 Security Guidelines%7cADONETSecurityGuidelines%5d %28On MSDN%29 * %5bASP.NET 1.1 Security Guidelines%7cASPNETSecurityGuidelines%5d %28On MSDN%29 * %5bCode Access Security %28.NET 1.1%29 Security Guidelines%7cCASSecurityGuidelines%5d %28On MSDN%29 * %5bEnterprise Services %28.NET 1.1%29 Security Guidelines%7cEnterpriseServicesSecurityGuidelines%5d %28On MSDN%29 * %5bRemoting %28.NET 1.1%29 Security Guidelines%7cRemotingSecurityGuidelines%5d %28On MSDN%29 * %5bWeb Services %28.NET 1.1%29 Security Guidelines%7cWebServicesSecurityGuidelines%5d %28On MSDN%29 .NET Framework 2.0 * %5b.NET Framework 2.0 Security Guidelines%7cNETFrameworkV2SecurityGuidelines%5d %28On MSDN%29 * %5bADO.NET 2.0 Security Guidelines%7cADONET2SecurityGuidelines%5d %28On MSDN%29 * %5bASP.NET 2.0 Security Guidelines%7cASPNET2SecurityGuidelines%5d %28On MSDN%29 %21%21 Security Design Inspection * %5bWeb Application Security Design Inspection%7cWebAppSecurityArchDesignReview%5d %21%21 Security Testing * %5bSecurity Testing%7cSecurityTesting%5d %21%21 Security Code Inspection Baseline Activity%3a * %5bHow To%3a Perform Security Code Review for Managed Code %28Baseline Activity%29%7cHowToSecurityCodeReview%5d %28On MSDN%29 .NET 1.1 * %5b.NET Framework 1.1 Security Code Review%7cManagedCodeSecurityCodeReview%5d * %5bADO.NET 1.1 Security Code Review%7cADONETSecurityCodeReview%5d * %5bASP.NET 1.1 Security Code Review%7cASPNETSecurityCodeReview%5d * %5bCode Access Security %28.NET 1.1%29 Security Code Review%7cCASSecurityCodeReview%5d * %5bEnterprise Services %28.NET 1.1%29 Security Code Review%7cEntServicesSecurityCodeReview%5d * %5bRemoting %28.NET 1.1%29 Security Code Review%7cRemotingSecurityCodeReview%5d * %5bUnmanaged Code %28.NET 1.1%29 Security Code Review%7cUnmanagedCodeSecurityCodeReview%5d * %5bWeb Services %28.NET 1.1%29 Security Code Review%7cWebServicesSecurityCodeReview%5d Special case%3a * %5bBuffer Overflow %28Managed Code%29 Security Code Review%7cBufferOverflowsSecurityCodeReview%5d * %5bCross-Site Scripting Code Review%7cCrossSiteScriptingSecurityCodeReview%5d * %5bSQL Injection Code Review%7cSQLInjectionSecurityCodeReview%5d %21%21 Security Deployment Inspection Application%3a * %5bASP.NET 1.1 Security Deployment Review%7cASPNETSecurityDeploymentReview%5d * %5bHow To%3a Perform a Security Deployment Review for ASP.NET 2.0%7cHowToASPNETv2DeploymentReview%5d Web Server%3a * %5bIIS 5 Security Deployment Review%7cIIS5SecurityDeploymentReview%5d Database Server%3a * %5bSQL Server 2000 Security Deployment Review%7cSQL2000SecurityDeploymentReview%5d Network%3a * %5bNetwork Security Deployment Review%7cNetworkSecurityDeplomentReview%5d %21%21 Checklists * %5bApplication Security Design Checklist%7cArchAndDesignSecurityChecklist%5d .NET 1.1 * %5b.NET 1.1 Security Checklist%7cManagedCodeSecurityChecklist%5d * %5bADO.NET 1.1 Security Checklist%7cADONETSecurityChecklist%5d * %5bASP.NET 1.1 Security Checklist%7cASPNETSecurityChecklist%5d * %5bCode Access Security %28.NET 1.1%29 Security Checklist%7cCASSecurityChecklist%5d * %5bEnterprise Services %28.NET 1.1%29 Security Checklist%7cEnterpriseServicesSecurityChecklist%5d * %5bRemoting %28.NET 1.1%29 Security Checklist%7cRemotingSecurityChecklist%5d * %5bWeb Services %28.NET 1.1%29 Security Checklist%7cWebServicesSecurityChecklist%5d Deployment%3a * %5bIIS 5 Security Checklist%7cIIS5SecurityChecklist%5d * %5bNetwork Security Checklist%7cNetworkSecurityChecklist%5d * %5bSQL Server 2000 Security Checklist%7cSQL2000SecurityChecklist%5d %21%21 Additional Resources * Security Guidance Share%3a %5bhttp%3a//www.SecurityGuidanceShare.com%5d ---- Return to %5bHomePage%5d
HTML
Preview
Cancel
Save
Edit
Delete
Edit
Comment on Post
Delete
Edit
Reply
In reply to {0}
Download:
[Pending]
Delete
Edit
Reply
In reply to {0}
Download:
[Pending]
Delete
Edit
Reply
In reply to {0}
Download:
[Pending]
Delete
Edit
Reply
In reply to {0}
Download:
[Pending]
Delete
Edit
Reply
In reply to {0}
Download:
[Pending]
Delete
Edit
Reply
In reply to {0}
Download:
[Pending]
Delete
Edit
Reply
In reply to {0}
Download:
[Pending]
Delete
Edit
Reply
In reply to {0}
Download:
[Pending]
Delete
Edit
Reply
In reply to {0}
Download:
[Pending]
Delete
Edit
Comment on Post
Be the first to comment!
Reply
Reply to root
In reply to {0}
Start related discussion
Forum:
Site Feedback
Tech Off
The 9 Guy Around The World
The Coffeehouse
Subject:
Design
HTML
Preview
Tags
*Loading available tags
Separate tags using commas like this: Xbox, Windows Vista, Gaming
(view existing tags)
File:
[No File]
Add File
Remove
Cancel
Attach one file of type: Zip, PDF, XPS, Office Document (.doc, .docx, etc.), Image (PNG, JPG, GIF)
Cancel
Saving...
History
Modified By:
System
Apr 30th @ 11:14 AM
Views (45)
Share
Del.icio.us
Digg
FriendFeed
Facebook
Markup Quick Guide
*bold*
_italics_
+underline+
! Heading 1
!! Heading 2
* Bullet List
** Bullet List 2
# Number List
## Number List 2
[another wiki page]
[url:http://www.example.com]
[image:example.gif]
{"Do not apply formatting"}