This guide gives you a solid foundation for designing, building, and configuring secure ASP.NET Web applications. Whether you have existing applications or are building new ones, you can apply the guidance to help you make sure that your Web applications are hack-resilient.

To meet your application security objectives, you must integrate security into your application development life cycle. You can do so by including specific security-related activities in your current software engineering processes. These activities include identifying security objectives, applying secure design guidelines, patterns, and principles, creating threat models, conducting architecture and design reviews for security, performing regular code reviews for security, testing for security, and conducting deployment reviews to ensure secure configuration.

Secure Coding, by Mark G. Graff and Ken vanWyk, looks at the problem of bad code in a new way. Packed with advice based on the authors' decades of experience in the computer security field, this concise and highly readable book explains why so much code today is filled with vulnerabilities, and tells readers what they must do to avoid writing code that can be exploited by attackers. Beyond the technical, Secure Coding sheds new light on the economic, psychological, and sheer practical reasons why security vulnerabilities are so ubiquitous today.

The definitive guide to developing more-secure software applications for Windows Vista.

Discover the battle-tested security secrets of two code warriors who have worked in large-scale development and have defeated the world's most determined malicious hackers.

This resource provides best practices, step-by-step code walk-throughs, and concise explanations of key security terms, issues, and jargon to help developers create and run secure code with Visual Basic.

In this straightforward and practical guide, Microsoft application security specialists Frank Swiderski and Window Snyder describe the concepts and goals for threat modeling—a structured approach for identifying, evaluating, and mitigating risks to system security.

Build the skills you will use on the job, as well as on the CompTIA Security+ certification exam, with this all-in-one training kit.

Get detailed operations and deployment guidance, along with security tools on CD and the Web, from the Microsoft Windows Security Resource Kit.

Venture into the world of secure applications using this high-end comprehensive reference on all the new security features available in .NET.

Security Engineering is up-to-date, dense with anecdotes and war stories, and is full of pointers to recent research.

Information security expert Bruce Schneier explains what everyone in business needs to know about security in order to survive and be competitive.