Getting Started — ASP.NET Web Site Security (Visual Studio)
Security involves several disciplines and will often determine whether a Web application is successful. A secure Web application will accurately identify users through authentication, help ensure that those users can access only what they require through authorization, help protect confidential and sensitive data through encrypted communication and storage, and follow security best practices for writing code to guard against creating security risks in the application logic itself.
The topics in this section provide essential information on ASP.NET features and best practices to help you create secure Web applications.
There are numerous threats and countermeasures to apply when securing an ASP.NET application. It is strongly recommended that you review and apply the guidance and checklists in the "Improving Web Application Security: Threats and Countermeasures" module published on MSDN at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secmod/html/secmod75.asp.