Tuesday 16 October 2012

DDD North 2 Resources

At the end of my talk at DDD North 2 there was a massive amount of URLs for people to reference later. Here is a copy of all of those links

ASP.NET Resource

•Web session management security - http://www.isecpartners.com/files/web-session-management.pdf

•OWASP Top 10 by Troy Hunt - http://www.troyhunt.com/2011/12/free-ebook-owasp-top-10-for-net.html

•ASP.NET Security Guidance - http://wiki.asp.net/page.aspx/48/security-guidelines-and-recommendations/

•MSCASI tool - http://support.microsoft.com/kb/954476

•AntiXSS Toolkit - http://wpl.codeplex.com/

•ASP.NET Security Guidance - http://blogs.msdn.com/b/nunoc/archive/2006/03/04/543631.aspx

•Advice from SDL - http://blogs.msdn.com/b/sdl/archive/2008/05/15/giving-sql-injection-the-respect-it-deserves.aspx

•ASafaWeb - http://www.asafeweb.com

IIS Resources

•Security Guidance for IIS - http://technet.microsoft.com/en-us/library/dd450371.aspx

•IIS Lockdown tool - http://technet.microsoft.com/en-us/library/dd450372(v=ws.10).aspx

•URLScan – http://www.iis.net/learn/extensions/working-with-urlscan

•IIS Configuring security - http://learn.iis.net/page.aspx/88/configuring-security/

•IIS Security Tools - http://www.iis.net/community/Security

Additional Resources

I will upload a copy of the source files later as a separate post as worked through examples.

No comments: