
Welcome to the patterns & practices Security Wiki

Welcome to the patterns & practices Security Wiki. This is where we think out loud. Here you’ll find emerging practices, guidance for application scenarios, security engineering, threat modeling, technical guidance and more. We’re looking for your experience, input and feedback to make this a useful resource for application security.

-- the Microsoft Platform Architecture Guidance (PAG) security team


What's New

* 06/07/08 - WardMakesAScenarioAndSolution
* 06/06/05 - Reviewed with Ward Cunningham. He suggested some practices he's found useful. One example is "From the source:" such as on the CryptoAppBlock page.
* 06/05/05 - Added ApplicationSecurityMethodology, DatabaseServerSecurity, ServerSecurityMethodology, WebApplicationSecurity and WebServerSecurity

ArchiveOfSecurityWikiNews

Topics

Browse our approaches and insight for application security and security engineering.
* ApplicationSecurityMethodology
* DatabaseServerSecurity
* SecurityArchAndDesignReview
* SecurityCodeReview
* SecurityDeploymentReview
* SecurityDesignGuidelines
* SecurityEngineering
* ServerSecurityMethodology
* ThreatModeling
* WebApplicationSecurity
* WebServerSecurity

Products/Technologies

Browse How Tos, Checklists, and FAQs by product or technology.
* NETFrameworkSecurityHub
* ADONETSecurityHub
* ASPNETSecurityHub
* ASPNET2SecurityHub


Resources

Browse application blocks, checklists, How Tos, etc.
* SecurityBlocks
* SecurityChecklists
* SecurityFAQs
* SecurityGuides
* SecurityGuidelines
* SecurityHowTos
* SecurityInformationModels
* SecurityPractices


About This Wiki

We'll expose our guidance as we create it. We're exposing this pre-published content for the purpose of enlisting community support to make it real and concrete. It's a Wiki which means you can easily comment and make submissions. Our official guidance will still reside on MSDN. However, we'll watch here for feedback and we'll port "gems" as we see fit to MSDN.

How to Use This Wiki

* TestDriveSecurityWiki
* GettingStartedWithSecurityWiki

About the Team

Members from this team previously brought you Building Secure ASP.NET Applications and Improving Web Application Security. See http://msdn.microsoft.com/SecNet

The current team includes:
* J.D. Meier, Microsoft
* Alex Mackman, CM Consulting
* Blaine Wastell, Ascentium Corporation
* Prashant Bansode, Infosys Technologies Ltd.
* Andy Wigley, CM Consulting

Feedback

You need to log in to Channel9 to comment in the Wiki.
* To give general feedback, use SecurityWikiFeedback.
* Share your security story at SecurityStories.
* To give feedback on a specific page, see HowToProvideFeedbackForSecurityWiki.