You may know ASP.NET, but if you don't understand how to secure your applications, you need this book. This vital guide explores the often-overlooked topic of teaching programmers how to design ASP.NET Web applications so as to prevent online thefts and security breaches.

You'll start with a thorough look at ASP.NET 3.5 basics and see happens when you don't implement security, including some amazing examples. The book then delves into the development of a Web application, walking you through the vulnerable points at every phase. Learn to factor security in from the ground up, discover a wealth of tips and industry best practices, and explore code libraries and more resources provided by Microsoft and others.

• Shows you step by step how to implement the very latest security techniques
• Reveals the secrets of secret-keeping—encryption, hashing, and not leaking information to begin with
• Delves into authentication, authorizing, and securing sessions
• Explains how to secure Web servers and Web services, including WCF and ASMX
• Walks you through threat modeling, so you can anticipate problems
• Offers best practices, techniques, and industry trends you can put to use right away

Defend and secure your ASP.NET 3.5 framework Web sites with this must-have guide.