http://msdn2.microsoft.com/en-us/library/ms998408.pponline(en-us,MSDN.10).gif
Welcome to patterns & practices Security Wiki
This is where we put our latest thoughts and discoveries in software security. Members from this team previously brought you Building Secure ASP.NET Applications and Improving Web Application Security. We are constantly talking to customers, industry experts, and security experts to bring you the latest and greatest. Come here to see the new, the raw, and the unfiltered; see MSDN for the most mature and fully reviewed material (Index of patterns & practices Security Guidance on MSDN--
J.D. Meier , Security/Performance PM, patterns & practices team
What's New
*
Recent Changes
Projects
*
Security Guidance for .NET 2.0 Project
Technology
*
.NET Framework 1.1 *
.NET Framework 2.0 *
ADO.NET 1.1 *
ADO.NET 2.0 *
ASP.NET 1.1 *
ASP.NET 2.0
Type
*
Case Studies *
Code Examples *
Checklists *
Explained *
FAQs *
Guides *
Guidelines *
How Tos *
Links *
Practices *
Reference Implementations *
Question Lists *
Scenarios and Solutions *
Security Stories *
Test Cases *
Tools *
Training Modules
Topic
*
Application Security Methodology *
Database Server Security *
Information Models *
Security Code Review *
Security Deployment Review *
Security Design Guidelines *
Security Design Review *
Security Engineering *
Server Security Methdology *
Threat Modeling *
Web Application Security *
Web Server Security
Methodology
At the base of any good guidance is a solid methodology. Think of methodology as the skeleton. If you are curious about the underlying principles that we’ve used to think about security then explore these links.
*
Application Security Methodology *
Security Engineering *
Server Security Methodology
Community
*
Community Code Examples * Shaping Software:
http://ShapingSoftware.com * Software Guidance Share:
http://www.guidanceshare.com/wiki * Sources of Insight:
http://sourcesofinsight.com
How To Use This Wiki
If this is your first visit to this site, or your first exposure to a Wiki then you’ll find the following links useful:
*
Test Drive Security Wiki – Explains each type of resource we’ve posted and gives an example of the best of each.
*
Getting Started with Security Wiki – If you’re new to the wiki concept then read this to learn more.
*
Subscribe to the RSS Feed – If you want to be updated when new content is posted, read this to learn how.
Feedback
You need to login to Channel9 to comment in the Wiki.
* To give general feedback, use
Security Wiki Feedback * Share your security story at
Security Stories * To give feedback on a specific page, see
How to Provide Feedback
Silverlight: Silverlight Test Driven Development – Part II
WindowsClient: Battery notification messages in Windows 7
TechNet Edge: February 2010 Security Bulletin Overview
Channel 10: 5 Bing Map Apps for the Winter Olympics
Mix Online: Design for tables