Orphaned pages

From Guidance Share

Jump to: navigation, search

Showing below up to 155 results starting with #1.
View (previous 500) (next 500) (20 | 50 | 100 | 250 | 500).

  1. ASP.NET 2.0 Intranet - Windows Auth to AD Groups
  2. ASP.NET 2.0 Security FAQs
  3. ASP.NET 2.0 Security Questions and Answers - Authentication
  4. ASP.NET 2.0 Security Questions and Answers - Configuration
  5. ASP.NET 2.0 Security Questions and Answers - Impersonation / Delegation
  6. ASP.NET 2.0 Security Questions and Answers - Others
  7. About
  8. About This Site
  9. Application Architecture Guide - Cheat Sheet - patterns
  10. Assume all input is malicious.
  11. Audit and log access across application tiers.
  12. Avoid plain text passwords in configuration files
  13. Avoid storing secrets in the Local Security Authority (LSA).
  14. Avoid storing sensitive data in view state
  15. Back up and analyze log files regularly.
  16. Be able to disable accounts.
  17. Be careful with canonicalization issues.
  18. Catch exceptions.
  19. Centralize your approach.
  20. Connect using a least privileged account
  21. Connection string management
  22. Consider authorization granularity
  23. Consider authorization granularity.
  24. Consider identity flow.
  25. Consider the identity that is used for resource access
  26. Constrain, Then Sanitize
  27. Constrain, reject, and sanitize your input.
  28. Constrain input
  29. Create application specific event source
  30. Data privacy and integrity on the network
  31. Do not cache sensitive data
  32. Do not develop your own cryptography.
  33. Do not leak information to the client.
  34. Do not mix session tokens and authentication tokens
  35. Do not pass sensitive data from page to page
  36. Do not pass sensitive data using the HTTP-GET protocol.
  37. Do not rely on client-side state management options
  38. Do not rely on client-side validation.
  39. Do not send passwords over the wire in plaintext.
  40. Do not store database connections, passwords, or keys in plaintext.
  41. Do not store passwords in user stores.
  42. Do not store secrets if you can avoid it.
  43. Do not store secrets in code.
  44. Do not store sensitive data in persistent cookies.
  45. Do not trust HTTP header information.
  46. Does the code centralize its approach?
  47. Does the code use protection="All"
  48. Does the code use the right algorithm with an adequate key size?
  49. Encode Output
  50. Encrypt sensitive cookie state.
  51. Encrypt sensitive data if you need to store it
  52. Encrypt the contents of the authentication cookies.
  53. Encrypt the data or secure the communication channel.
  54. Engineering Practices Overview
  55. Ensure database connections are always closed
  56. Fail securely
  57. Firewall restrictions
  58. Guidance
  59. Guidance Overview
  60. How To: Delay Sign an Assembly in .NET 2.0
  61. How To: Perform a Security Code Review Review for Managed Code (Baseline Technique)
  62. How To: Use SecureString in .NET 2.0
  63. Impersonate original caller only when required
  64. Install URLScan on your Web server
  65. Keep unencrypted data close to the algorithm.
  66. Limit session lifetime.
  67. Log detailed error messages.
  68. Log key events.
  69. Login account configuration
  70. Logon auditing
  71. Maintain sensitive data on the server
  72. Maintain separate administration privileges.
  73. Make sure that users do not bypass your checks.
  74. News and Highlights
  75. Partition your Web site
  76. Personas at patterns & practices
  77. Place Web controls and user controls in separate assemblies
  78. Place resource access code in a separate assembly
  79. Protect authentication cookies.
  80. Protect credentials and authentication tickets
  81. Protect log files.
  82. Protect sensitive data in storage
  83. Protect sensitive data over the wire
  84. Protect session state from unauthorized access.
  85. Protect the credentials for SQL authentication
  86. Protect view state with MACs
  87. Protect your administration interfaces.
  88. Protect your configuration store.
  89. Protect your encryption keys.
  90. Require authentication for sensitive pages
  91. Require strong passwords.
  92. Resources Index
  93. Restrict the application in the database
  94. Restrict unauthorized callers
  95. Restrict unauthorized code
  96. Restrict user access to system-level resources.
  97. Retrieve sensitive data on demand.
  98. Sanitize Input
  99. Secure UDL files with restricted ACLs
  100. Secure restricted pages with SSL
  101. Secure sensitive data over the network
  102. Secure the authentication cookie
  103. Secure the session data
  104. Secure your connection strings
  105. Security Tech Centers
  106. Separate public and restricted areas.
  107. Set the correct character encoding
  108. Software Engineering Practices Overview
  109. Store password hashes with salt
  110. Support password expiration periods.
  111. Tech Centers
  112. Technologies
  113. Test1
  114. Test page 1
  115. Test page g
  116. Test page g2
  117. Threat Model
  118. Trap and log ADO.NET exceptions
  119. Use Data Protection API (DPAPI) for encrypting secrets.
  120. Use Escape Routines
  121. Use File authorization with Windows authentication
  122. Use Page.ViewStateUserKey to counter one-click attacks
  123. Use Parameter Batching
  124. Use Programmatic Impersonation
  125. Use Regular Expressions for Input Validation
  126. Use SSL effectively
  127. Use SSL to protect session authentication cookies.
  128. Use URL Authorization
  129. Use URL authorization for page and directory access control
  130. Use Windows authentication
  131. Use a generic error page in your ASP.NET applications
  132. Use absolute URLs for navigation
  133. Use account lockout policies for end-user accounts.
  134. Use explicit role checks for fine-grained authorization
  135. Use least privileged accounts
  136. Use least privileged process and service accounts.
  137. Use multiple gatekeepers.
  138. Use principal demands on classes and methods
  139. Use secure credential management
  140. Use separate data access assemblies
  141. Use server-side input validation
  142. Use stored procedures
  143. Use the ASP.NET validateRequest option
  144. Use the HttpOnly cookie option
  145. Use the correct algorithm and correct key size.
  146. Use the frame security attribute
  147. Use the innerText property
  148. Use type safe SQL parameters
  149. Validate HTML Controls
  150. Validate Input
  151. Validate Input Used For File I/O
  152. Validate Input Used for Data Access
  153. Validate all values sent from the client.
  154. Validate input parameters
  155. Windows Authentication to AD Groups Whiteboard Solution

View (previous 500) (next 500) (20 | 50 | 100 | 250 | 500).

Personal tools