Security Tutorials & Articles
-
Integrating Active Directory Into Azure
by Steve PlankThe most common giveaway a user experiences when an enterprise application has been moved to the cloud is the sudden appearance of a username/password dialogue box.
-
Isolated Storage
by Ian StevensonIsolated Storage is a solution to a very common problem, but if you don't understand it then it becomes a problem in its own right.
-
What You Need to Know about PCI Compliance and Web Application Security Policy Changes
by Michael SuttonPCI compliance exists to protect consumers from credit fraud, and their data will be protected if rules are followed. If your business accepts credit cards, you are aware of changes to PCI compliance in June. Adherence to section 6.6 of the PCI compliance rules should have been met; if not, web application security must be integrated into existing applications. This mandate allows businesses to evaluate their security practices.
-
Dynamic Search Conditions in T-SQL
by Erland SommarskogA very common requirement in an information system is to have a function (or several functions) where the users are able to search the data by selecting freely among many possible criterias. In this text I will look at various techniques to solve this problem.
-
SQL Trusted Connections with ASP.NET
by Barry DorransHard coding passwords into your application or your web site is a bad thing. Barry looks at how we can use trusted connections to provide the authentication we need, without the need for these potential security hazards.
-
Effective Controls for Attaining Continuous Application Security Throughout the Web Application Development Life Cycle
by Caleb SimaImproving your Web application development process is one of the best ways to avoid security vulnerabilities and nasty surprises during security assessments. Learn about the points in the software development life cycle where additional security awareness and training is needed to ensure that your organization remains successful and secure.
-
Web Application Vulnerability Assessment Essentials
by Caleb SimaIt is important for a business to understand the fundamentals of running a vulnerability assessment in order to determine how one will be run and what can be expected from the results. A web application security scanner can automate the process, but a quality assessment may still require actual human eyes to catch specific issues. Learn more about the whys and hows of vulnerability assessments.
-
Top 10 Application Security Vulnerabilities in Web.config Files - Part Two
by Bryan SullivanIn this second part of a two-part series, you will learn about application security issues related to authentication and authorization, as well as five vulnerabilities commonly found in ASP.NET web-based applications. Additionally, find out how to keep configuration files from being unintentionally modified by uninformed programmers or administrators, as well as why it is critical to never rely on default setting values.
-
Top 10 Application Security Vulnerabilities in Web.config Files - Part One
by Bryan SullivanIn part one of this two part article, you will learn about five of the top ten “worst offenders” of misconfigurations of application security that can cause overall problems for ASP.NET Web-based applications. Learn more about how to secure the Web.config files of an ASP.NET application.
-
Testing for Security in the Age of Ajax Programming
by Bryan SullivanAjax programming, which allows a web page to refresh a small portion of its data from a web server, is an exciting technology that has recently been introduced. However, this type of programming can also leave applications open to SQL injection and similar attacks. Learn more about Ajax programming and what it means in terms of security.
-
The Power of Hybrid Application Security Analysis: Increasing the Reliability of Security Testing Results
by Jason SchmittDevelopers are beginning to take the important step toward performing security testing before their applications leave their environments. However, it is also important to combine source code analysis with dynamic analysis during security testing, an approach known as hybrid analysis.
-
SharePoint, Document Library and SQL Server
by S.S. AhmedThis tutorial shows how you can capture a document in SharePoint's document library, retrieve information from its properties and store in in SQL Server. It will teach you how to use Event Handler Toolkit.
-
High-Performance .NET Application Development & Architecture
by Dimitrios MarkatosThis article demonstrates the art of creating and architecting high-performance and scalable .NET applications, covering all stages, from planning to development and their perspective best practices.
-
Locking the Door behind You: Hacker Protection for Your Web Applications
by Caleb SimaYour Web applications can be the most important and most vulnerable entry point into your organization, and, as such, ensuring adequate hacker protection in your Web applications can be critical. This article discusses some of the issues.
-
New features for web developers in ASP.NET 2.0
by Alex HomerASP.NET 2.0 brings enhanced performance and many new features that make the web developer's life easier. Alex Homer takes you through what's new.
-
What's new in System.Xml 2.0
by Alex HomerJust as XML itself has evolved, so the XML related classes in .NET Framework 2.0 have changed. Alex Homer finds out what's different.
-
Aspect Oriented Programming using .NET
by Abhinaba BasuTill now we were talking about non-mainstream languages to use Aspect Oriented Programming (AOP). Learn what exactly AOP is, and how you can go about getting this functionality in C#.
-
Web Services Interoperability between J2EE and .NET - Part 3
by Wangming YeExplore the source of the common interoperability challenges facing Web services integration across platforms. This third part in a series describes how the different naming conventions between J2EE technology and .NET can cause difficulty in Web services interoperability.
-
To SP or not to SP in SQL Server
by Douglas ReillyThe topic of using or not using stored procedures reaches the level of religious fervor in many quarters. Douglas Reilly, a Microsoft MVP, weighs in on the topic with an in-depth analysis.
-
.NET Applets
by M KenyonMark walks you through how you go about creating a ".NET Applet" - a Windows Forms control hosted within a web page.