https://www.developerfusion.com/t/security/tutorials/ Security Tutorials & Articles from Developer Fusion http://www.rssboard.org/rss-specification en-GB Mon, 04 Jul 2011 12:29:00 GMT The most common giveaway a user experiences when an enterprise application has been moved to the cloud is the sudden appearance of a username/password dialogue box. http://www.developerfusion.com/article/121561/integrating-active-directory-into-azure/ http://www.developerfusion.com/article/121561/integrating-active-directory-into-azure/ Mon, 04 Jul 2011 12:29:00 GMT Steve Plank Isolated Storage is a solution to a very common problem, but if you don't understand it then it becomes a problem in its own right. http://www.developerfusion.com/article/84438/isolated-storage/ http://www.developerfusion.com/article/84438/isolated-storage/ Mon, 22 Nov 2010 12:24:00 GMT Ian Stevenson PCI compliance exists to protect consumers from credit fraud, and their data will be protected if rules are followed. If your business accepts credit cards, you are aware of changes to PCI compliance in June. Adherence to section 6.6 of the PCI compliance rules should have been met; if not, web application security must be integrated into existing applications. This mandate allows businesses to evaluate their security practices. http://www.developerfusion.com/article/7641/what-you-need-to-know-about-pci-compliance-and-web-application-security-policy-changes/ http://www.developerfusion.com/article/7641/what-you-need-to-know-about-pci-compliance-and-web-application-security-policy-changes/ Sat, 12 Apr 2008 11:02:00 GMT Michael Sutton A very common requirement in an information system is to have a function (or several functions) where the users are able to search the data by selecting freely among many possible criterias. In this text I will look at various techniques to solve this problem. http://www.developerfusion.com/article/7305/dynamic-search-conditions-in-tsql/ http://www.developerfusion.com/article/7305/dynamic-search-conditions-in-tsql/ Sat, 01 Dec 2007 13:46:00 GMT Erland Sommarskog Hard coding passwords into your application or your web site is a bad thing. Barry looks at how we can use trusted connections to provide the authentication we need, without the need for these potential security hazards. http://www.developerfusion.com/article/7142/sql-trusted-connections-with-aspnet/ http://www.developerfusion.com/article/7142/sql-trusted-connections-with-aspnet/ Tue, 09 Oct 2007 21:05:00 GMT Barry Dorrans Improving your Web application development process is one of the best ways to avoid security vulnerabilities and nasty surprises during security assessments. Learn about the points in the software development life cycle where additional security awareness and training is needed to ensure that your organization remains successful and secure. http://www.developerfusion.com/article/6951/effective-controls-for-attaining-continuous-application-security-throughout-the-web-application-development-life-cycle/ http://www.developerfusion.com/article/6951/effective-controls-for-attaining-continuous-application-security-throughout-the-web-application-development-life-cycle/ Thu, 16 Aug 2007 21:37:00 GMT Caleb Sima It is important for a business to understand the fundamentals of running a vulnerability assessment in order to determine how one will be run and what can be expected from the results. A web application security scanner can automate the process, but a quality assessment may still require actual human eyes to catch specific issues. Learn more about the whys and hows of vulnerability assessments. http://www.developerfusion.com/article/6845/web-application-vulnerability-assessment-essentials/ http://www.developerfusion.com/article/6845/web-application-vulnerability-assessment-essentials/ Sun, 01 Jul 2007 18:44:00 GMT Caleb Sima In this second part of a two-part series, you will learn about application security issues related to authentication and authorization, as well as five vulnerabilities commonly found in ASP.NET web-based applications. Additionally, find out how to keep configuration files from being unintentionally modified by uninformed programmers or administrators, as well as why it is critical to never rely on default setting values. http://www.developerfusion.com/article/6745/top-10-application-security-vulnerabilities-in-webconfig-files-part-two/ http://www.developerfusion.com/article/6745/top-10-application-security-vulnerabilities-in-webconfig-files-part-two/ Sun, 10 Jun 2007 11:43:00 GMT Bryan Sullivan In part one of this two part article, you will learn about five of the top ten “worst offenders” of misconfigurations of application security that can cause overall problems for ASP.NET Web-based applications. Learn more about how to secure the Web.config files of an ASP.NET application. http://www.developerfusion.com/article/6678/top-10-application-security-vulnerabilities-in-webconfig-files-part-one/ http://www.developerfusion.com/article/6678/top-10-application-security-vulnerabilities-in-webconfig-files-part-one/ Mon, 14 May 2007 21:05:00 GMT Bryan Sullivan Ajax programming, which allows a web page to refresh a small portion of its data from a web server, is an exciting technology that has recently been introduced. However, this type of programming can also leave applications open to SQL injection and similar attacks. Learn more about Ajax programming and what it means in terms of security. http://www.developerfusion.com/article/6197/testing-for-security-in-the-age-of-ajax-programming/ http://www.developerfusion.com/article/6197/testing-for-security-in-the-age-of-ajax-programming/ Wed, 27 Sep 2006 22:24:00 GMT Bryan Sullivan Developers are beginning to take the important step toward performing security testing before their applications leave their environments. However, it is also important to combine source code analysis with dynamic analysis during security testing, an approach known as hybrid analysis. http://www.developerfusion.com/article/5996/the-power-of-hybrid-application-security-analysis-increasing-the-reliability-of-security-testing-results/ http://www.developerfusion.com/article/5996/the-power-of-hybrid-application-security-analysis-increasing-the-reliability-of-security-testing-results/ Wed, 09 Aug 2006 20:17:00 GMT Jason Schmitt This tutorial shows how you can capture a document in SharePoint's document library, retrieve information from its properties and store in in SQL Server. It will teach you how to use Event Handler Toolkit. http://www.developerfusion.com/article/5613/sharepoint-document-library-and-sql-server/ http://www.developerfusion.com/article/5613/sharepoint-document-library-and-sql-server/ Wed, 19 Apr 2006 22:36:00 GMT S.S. Ahmed This article demonstrates the art of creating and architecting high-performance and scalable .NET applications, covering all stages, from planning to development and their perspective best practices. http://www.developerfusion.com/article/5385/highperformance-net-application-development-architecture/ http://www.developerfusion.com/article/5385/highperformance-net-application-development-architecture/ Wed, 15 Feb 2006 15:25:00 GMT Dimitrios Markatos Your Web applications can be the most important and most vulnerable entry point into your organization, and, as such, ensuring adequate hacker protection in your Web applications can be critical. This article discusses some of the issues. http://www.developerfusion.com/article/5381/locking-the-door-behind-you-hacker-protection-for-your-web-applications/ http://www.developerfusion.com/article/5381/locking-the-door-behind-you-hacker-protection-for-your-web-applications/ Tue, 14 Feb 2006 20:59:00 GMT Caleb Sima ASP.NET 2.0 brings enhanced performance and many new features that make the web developer's life easier. Alex Homer takes you through what's new. http://www.developerfusion.com/article/5348/new-features-for-web-developers-in-aspnet-20/ http://www.developerfusion.com/article/5348/new-features-for-web-developers-in-aspnet-20/ Fri, 03 Feb 2006 12:25:00 GMT Alex Homer Just as XML itself has evolved, so the XML related classes in .NET Framework 2.0 have changed. Alex Homer finds out what's different. http://www.developerfusion.com/article/5199/whats-new-in-systemxml-20/ http://www.developerfusion.com/article/5199/whats-new-in-systemxml-20/ Mon, 30 Jan 2006 11:01:00 GMT Alex Homer Till now we were talking about non-mainstream languages to use Aspect Oriented Programming (AOP). Learn what exactly AOP is, and how you can go about getting this functionality in C#. http://www.developerfusion.com/article/5307/aspect-oriented-programming-using-net/ http://www.developerfusion.com/article/5307/aspect-oriented-programming-using-net/ Mon, 30 Jan 2006 10:40:00 GMT Abhinaba Basu Explore the source of the common interoperability challenges facing Web services integration across platforms. This third part in a series describes how the different naming conventions between J2EE technology and .NET can cause difficulty in Web services interoperability. http://www.developerfusion.com/article/5155/web-services-interoperability-between-j2ee-and-net-part-3/ http://www.developerfusion.com/article/5155/web-services-interoperability-between-j2ee-and-net-part-3/ Thu, 05 Jan 2006 21:28:00 GMT Wangming Ye The topic of using or not using stored procedures reaches the level of religious fervor in many quarters. Douglas Reilly, a Microsoft MVP, weighs in on the topic with an in-depth analysis. http://www.developerfusion.com/article/4708/to-sp-or-not-to-sp-in-sql-server/ http://www.developerfusion.com/article/4708/to-sp-or-not-to-sp-in-sql-server/ Tue, 19 Jul 2005 13:48:00 GMT Douglas Reilly Mark walks you through how you go about creating a ".NET Applet" - a Windows Forms control hosted within a web page. http://www.developerfusion.com/article/4683/net-applets/ http://www.developerfusion.com/article/4683/net-applets/ Wed, 30 Mar 2005 22:16:00 GMT M Kenyon