Orphaned pages

From Guidance Share

Showing below up to 50 results starting with #1.

  1. ASP.NET 2.0 Intranet - Windows Auth to AD Groups
  2. ASP.NET 2.0 Security FAQs
  3. ASP.NET 2.0 Security Questions and Answers - Authentication
  4. ASP.NET 2.0 Security Questions and Answers - Configuration
  5. ASP.NET 2.0 Security Questions and Answers - Impersonation / Delegation
  6. ASP.NET 2.0 Security Questions and Answers - Others
  7. About
  8. About This Site
  9. Application Architecture Guide - Cheat Sheet - patterns
  10. Assume all input is malicious.
  11. Audit and log access across application tiers.
  12. Avoid plain text passwords in configuration files
  13. Avoid storing secrets in the Local Security Authority (LSA).
  14. Avoid storing sensitive data in view state
  15. Back up and analyze log files regularly.
  16. Be able to disable accounts.
  17. Be careful with canonicalization issues.
  18. Catch exceptions.
  19. Centralize your approach.
  20. Connect using a least privileged account
  21. Connection string management
  22. Consider authorization granularity
  23. Consider authorization granularity.
  24. Consider identity flow.
  25. Consider the identity that is used for resource access
  26. Constrain, Then Sanitize
  27. Constrain, reject, and sanitize your input.
  28. Constrain input
  29. Create application specific event source
  30. Data privacy and integrity on the network
  31. Do not cache sensitive data
  32. Do not develop your own cryptography.
  33. Do not leak information to the client.
  34. Do not mix session tokens and authentication tokens
  35. Do not pass sensitive data from page to page
  36. Do not pass sensitive data using the HTTP-GET protocol.
  37. Do not rely on client-side state management options
  38. Do not rely on client-side validation.
  39. Do not send passwords over the wire in plaintext.
  40. Do not store database connections, passwords, or keys in plaintext.
  41. Do not store passwords in user stores.
  42. Do not store secrets if you can avoid it.
  43. Do not store secrets in code.
  44. Do not store sensitive data in persistent cookies.
  45. Do not trust HTTP header information.
  46. Does the code centralize its approach?
  47. Does the code use protection="All"
  48. Does the code use the right algorithm with an adequate key size?
  49. Encode Output
  50. Encrypt sensitive cookie state.
