Uncategorized pages
From Guidance Share
Showing below up to 250 results starting with #1.
- .NET Framework 1.1 Performance
- .NET Framework 1.1 Performance Guidelines - Working Set
- .NET Framework 1.1 Security
- .NET Framework 2.0 Performance
- .NET Framework 2.0 Security
- ADO.NET 1.1 Performance
- ADO.NET 1.1 Security
- ADO.NET 2.0 Performance
- ADO.NET 2.0 Security
- ASP.NET 1.1 Performance
- ASP.NET 1.1 Performance Checklist
- ASP.NET 1.1 Security
- ASP.NET 1.1 Security Application Scenarios
- ASP.NET 1.1 Security Guidelines - Cross-Site Scripting
- ASP.NET 1.1 Security Guidelines - Impersonation
- ASP.NET 1.1 Security Whiteboard Solutions
- ASP.NET 2.0 Code Examples
- ASP.NET 2.0 Intranet - Windows Auth to AD Groups
- ASP.NET 2.0 Performance
- ASP.NET 2.0 Performance Inspection Questions - Data Binding
- ASP.NET 2.0 Security
- ASP.NET 2.0 Security Application Scenarios
- ASP.NET 2.0 Security FAQs
- ASP.NET 2.0 Security Practices - Auditing and Logging
- ASP.NET 2.0 Security Practices - Authentication
- ASP.NET 2.0 Security Practices - Authorization
- ASP.NET 2.0 Security Practices - Code Access Security
- ASP.NET 2.0 Security Practices - Configuration
- ASP.NET 2.0 Security Practices - Data Access
- ASP.NET 2.0 Security Practices - Exception Management
- ASP.NET 2.0 Security Practices - Impersonation and Delegation
- ASP.NET 2.0 Security Practices - Input and Data Validation
- ASP.NET 2.0 Security Practices - Secure Communication
- ASP.NET 2.0 Security Practices - Sensitive Data
- ASP.NET 2.0 Security Questions and Answers
- ASP.NET 2.0 Security Questions and Answers - Authentication
- ASP.NET 2.0 Security Questions and Answers - Configuration
- ASP.NET 2.0 Security Questions and Answers - Impersonation / Delegation
- ASP.NET 2.0 Security Questions and Answers - Others
- ASP.NET 2.0 Security Whiteboard Solutions
- About
- About This Site
- Actors, Personas, and Roles
- Agile Architecture Method
- Agile Architecture Method Explained
- Agile Architecture Method Explained - Chapter 1 - Agile Architecture Method
- Agile Architecture Method Explained - Chapter 2 - Step 1: Identify Architecture Objectives
- Agile Architecture Method Explained - Chapter 3 - Step 2: Identify Key Scenarios
- Agile Architecture Method Explained - Chapter 4 - Step 3: Application Overview
- Agile Architecture Method Explained - Chapter 5 - Step 4: Key Hot Spots
- Agile Architecture Method Explained - Chapter 6 - Step 5: Candidate Solutions
- Agile Architecture Method Explained - Chapter 7 - Reviewing Your Architecture
- Agile Architecture Method Explained - Chapter 8 - Communicating Your Architecture
- Agile Architecture Method Explained - Introduction
- Application Architecture Guide
- Application Architecture Guide - Architecture and Design Solutions At a Glance
- Application Architecture Guide - Chapter 10 - Presentation Layer Guidelines
- Application Architecture Guide - Chapter 11 - Business Layer Guidelines
- Application Architecture Guide - Chapter 12 - Data Access Layer Guidelines
- Application Architecture Guide - Chapter 13 - Service Layer Guidelines
- Application Architecture Guide - Chapter 14 - Application Archetypes
- Application Architecture Guide - Chapter 15 - Web Applications
- Application Architecture Guide - Chapter 16 - Rich Internet Applications (RIA)
- Application Architecture Guide - Chapter 17 - Rich Client Applications
- Application Architecture Guide - Chapter 18 - Services
- Application Architecture Guide - Chapter 19 - Mobile Applications
- Application Architecture Guide - Chapter 1 - Fundamentals of Application Architecture
- Application Architecture Guide - Chapter 20 - Office Business Applications (OBA)
- Application Architecture Guide - Chapter 21 - SharePoint Line-Of-Business (LOB) Applications
- Application Architecture Guide - Chapter 2 - .NET Platform Overview
- Application Architecture Guide - Chapter 3 - Architecture and Design Guidelines
- Application Architecture Guide - Chapter 4 - Designing Your Architectures
- Application Architecture Guide - Chapter 5 - Deployment Patterns
- Application Architecture Guide - Chapter 6 - Architectural Styles
- Application Architecture Guide - Chapter 7 - Quality Attributes
- Application Architecture Guide - Chapter 8 - Communication Guidelines
- Application Architecture Guide - Chapter 9 - Layers and Tiers
- Application Architecture Guide - Cheat Sheet - Data Access Technology Matrix
- Application Architecture Guide - Cheat Sheet - Integration Technology Matrix
- Application Architecture Guide - Cheat Sheet - Presentation Technology Matrix
- Application Architecture Guide - Cheat Sheet - Workflow Technology Matrix
- Application Architecture Guide - Cheat Sheet - patterns
- Application Architecture Guide - Cheat Sheet - patterns & practices Pattern Catalog
- Application Architecture Guide - Fast Track
- Application Architecture Guide - Foreword by S. Somasegar
- Application Architecture Guide - Foreword by Scott Guthrie
- Application Architecture Guided - Introduction
- Application Vulnerability Categories
- Architecture
- Architecture Frame
- Architecture and Design Checklist
- Assume all input is malicious.
- Attack Pattern Template
- Attack Patterns
- Attack Template
- Attacks
- Audit and log access across application tiers.
- Auditing and Logging
- Auditing and Logging Vulnerabilities
- Authentication
- Authentication, Authorization and Trust
- Authentication, Authorization and Trust Vulnerabilities
- Authentication Vulnerabilities
- Authorization
- Authorization Vulnerabilities
- Avoid plain text passwords in configuration files
- Avoid storing secrets in the Local Security Authority (LSA).
- Avoid storing sensitive data in view state
- Back up and analyze log files regularly.
- Be able to disable accounts.
- Be careful with canonicalization issues.
- Buffer Overflow
- Buffer Overflow Attack
- Buffer Underwrite
- Build Scenario Frame
- Business Layer Design Checklist
- Can impersonation be used with Forms authentication?
- Canonicalization Attack
- Capture-Replay
- Case Studies
- Catch exceptions.
- Centralize your approach.
- Chapter 10 – Quantifying End-User Response Time Goals
- Chapter 11 – Consolidating Various Types of Performance Acceptance Criteria
- Chapter 12 – Modeling Application Usage
- Chapter 13 – Determining Individual User Data and Variances
- Chapter 14 – Test Execution
- Chapter 15 – Key Mathematic Principles for Performance Testers
- Chapter 16 – Performance Test Reporting Fundamentals
- Chapter 17 – Load-Testing Web Applications
- Chapter 18 – Stress-Testing Web Applications
- Chapter 1 – Fundamentals of Web Application Performance Testing
- Chapter 2 – Types of Performance Testing
- Chapter 3 – Risks Addressed Through Performance Testing
- Chapter 4 – Web Application Performance Testing Core Activities
- Chapter 5 – Coordinating Performance Testing with an Iteration-Based Process
- Chapter 6 – Managing an Agile Performance Test Cycle
- Chapter 7 – Managing the Performance Test Cycle in a Regulated (CMMI) Environment
- Chapter 8 – Evaluating Systems to Increase Performance-Testing Effectiveness
- Chapter 9 – Determining Performance Testing Objectives
- Checklist Item Template
- Chosen Plaintext Attack
- Client Side Validation
- Client Side Validation Vulnerabilities
- Code Access Security (.NET 1.1) Security
- Code Example Template
- Code Examples
- Code Vulnerability Categories
- Command Injection
- Communication Design Checklist
- Communications Security
- Communications Security Vulnerabilities
- Comparing Classes by Name
- Configuration Management
- Configuration Management Vulnerabilities
- Connect using a least privileged account
- Connection string management
- Consider authorization granularity
- Consider authorization granularity.
- Consider identity flow.
- Consider the identity that is used for resource access
- Constrain, Then Sanitize
- Constrain, reject, and sanitize your input.
- Constrain input
- Countermeasures
- Covert Storage Channel
- Covert Timing Channel
- Create application specific event source
- Credentials Brute Force Attack
- Cross-site Scripting
- Cross Site Scripting Attack
- Cryptography
- Cryptography Vulnerabilities
- Cryptography and Secrets
- Cryptography and Secrets Vulnerabilities
- Data Layer Design Checklist
- Data privacy and integrity on the network
- Deletion of Data-structure Sentinel
- Denial of Service Attack
- Deserialization of Untrusted Data
- Do I need to create a unique user account for each application pool?
- Do not cache sensitive data
- Do not develop your own cryptography.
- Do not leak information to the client.
- Do not mix session tokens and authentication tokens
- Do not pass sensitive data from page to page
- Do not pass sensitive data using the HTTP-GET protocol.
- Do not rely on client-side state management options
- Do not rely on client-side validation.
- Do not send passwords over the wire in plaintext.
- Do not store database connections, passwords, or keys in plaintext.
- Do not store passwords in user stores.
- Do not store secrets if you can avoid it.
- Do not store secrets in code.
- Do not store sensitive data in persistent cookies.
- Do not trust HTTP header information.
- Does the code centralize its approach?
- Does the code use protection="All"
- Does the code use the right algorithm with an adequate key size?
- Doubly Freeing Memory
- Encode Output
- Encrypt sensitive cookie state.
- Encrypt sensitive data if you need to store it
- Encrypt the contents of the authentication cookies.
- Encrypt the data or secure the communication channel.
- Engineering Practices
- Engineering Practices Frame
- Engineering Practices Overview
- Engineering Practices Project
- Ensure database connections are always closed
- Enterprise Services (.NET 1.1) Performance
- Enterprise Services (.NET 1.1) Security
- Exception Gatekeeper
- Exception Management
- Exception Management Vulnerabilities
- FAQs
- Fail securely
- Failure of TRNG
- Failure to Add Integrity Check Value
- Failure to Check Integrity Check Value
- Failure to Check Whether Privileges Were Dropped
- Failure to Check for Certificate Revocation
- Failure to Drop Privileges When Reasonable
- Failure to Encrypt Data
- Failure to Follow Chain of Trust in Certificate Validation
- Failure to Protect Class Data with Accessors
- Failure to Validate Certificate Expiration
- Failure to Validate Host-Specific Certificate Data
- Feedback
- Firewall restrictions
- Focus Centers
- Forceful Browsing Attack
- Foreword By Alberto Savoia
- Foreword By Rico Mariani
- Format String
- Format String Attack
- Glossary
- Guidance
- Guidance Engineering
- Guidance Overview
- Guideline Item Template
- HTTP Replay Attack
- Heap Overflow
- Home Page 10
- Home Page 11
- Home Page 12
- Home Page 13
- Home Page 14
- Home Page 15
- Home Page 16