Improving Web Application Security: Threats and Countermeasures

In This Chapter

• Locking down an ASP.NET application

• ASP.NET process identity security considerations

• Using Aspnet_setreg.exe to encrypt account credentials in configuration files

• Enforcing machine-wide and Web application security policy

• Accessing resources securely from ASP.NET

• Securing a Web service configuration

• Securing a Forms authentication configuration

• Securing ASP.NET session state and view state

• Securing a Web farm

• A reference table that illustrates a secure ASP.NET application

• Attributes of a secure ASP.NET application