Security in Web Applications
Have you protected your site enough? Use OWASP for your guidelines on how to protect yourself.
As developers code their applications, they should immediately think about security in their design right from the get-go.
However, if it's a legacy system and you don't have the luxury of implementing security into the design, you need to play "little Dutch boy" and plug the existing holes in your application (I know, I know... you probably don't have any holes in your code, but humor me...).
There is a document that helps with this by identifying the most common ways to hack a web site:
OWASP Top 10 for 2010 (on their Wiki)
The OWASP acronym stands for the Open Web Application Security Project. Even though this list is from 2010, I would imagine these problems are still relevant and still a problem as we come to the close of 2011.
Some good news for ASP.NET developers: Troy Hunt is doing a 10-part series on how to protect yourself as a .NET developer from these top ten security issues of 2010. These posts are very detailed and he has done a fantastic job on them. Good reading material for .NET developers.
He's currently on Post #9, but stay tuned for #10 soon.
I DID find a post for the PHP developers about OWASP security precautions.
Are there any other ones out there addressing other languages besides PHP and .NET? Enter a comment below.
Jonathan Danylko is a freelance web architect and avid programmer who has been programming for over 20 years. He has developed various systems in numerous industries including e-commerce, biotechnology, real estate, health, insurance, and utility companies.
When asked what he likes doing in his spare time, he answers..."programming."