Chapter 1: Building Secure Web Applications

This chapter begins with a discussion of security basics including how different types of attacks that are made on Web applications. It also contains some solid security advice for ASP.NET Web developers.

Chapter 2: Treating the Client with Caution

Discusses attacks made with client side input including script injection, cross-site scripting, SQL injection and how these attacks might be prevented using validation, encoding, and filtering.

Chapter 3: Storing Secrets

Where and how to store important information in your application is the topic of this chapter. It shows the different methods that are used to protect your connection string, passwords, and other application data.

Chapter 4: Securing Database Access

This chapter explains the key techniques used in restricting database access including the use of components, trusted connections, and store procedures.

Chapter 5: Implementing Password Policies

This chapter covers how to develop good password strategies, allowing users to update their passwords, and how to protect applications against a brute force attack.