- Wagner Elias – Think Security First - http://wagnerelias.com -

Application Security

Posted By Elias Wagner On 4 04UTC August, 2006 @ 8:17 am In Security Developer | No Comments

Na base de dados do MSDN se encontra um excelente conteúdo sobre desenvolvimento seguro.

O conteúdo está dividido em tópicos que tratam desde arquitetura, validação de inputs, modelagem de ameaças até defesa em profundidade.

[1]
Arquitetura

[2]
Decomposição da Aplicação

[3]
Validação de inputs

[4]
Modelagem de Ameaças

[5]
Arvore de Ataques

Chapter 1- Web Application Security Fundamentals [6]
Chapter 2 – Threats and Countermeasures [7]
Chapter 3 – Threat Modeling [8]
Chapter 4 – Design Guidelines for Secure Web Applications [9]
Chapter 5 – Architecture and Design Review for Security [10]
Chapter 6 - .NET Security Overview [11]
Chapter 7 – Building Secure Assemblies [12]
Chapter 8 – Code Access Security in Practice [13]
Chapter 9 – Using Code Access Security with ASP.NET [14]
Chapter 10 – Building Secure ASP.NET Pages and Controls [15]
Chapter 11 – Building Secure Serviced Components [16]
Chapter 12 – Building Secure Web Services [17]
Chapter 13 – Building Secure Remoted Components [18]
Chapter 14 – Building Secure Data Access [19]
Chapter 15 – Securing Your Network [20]
Chapter 16 – Securing Your Web Server [21]
Chapter 17 – Securing Your Application Server [22]
Chapter 18 – Securing Your Database Server [23]
Chapter 19 – Securing Your ASP.NET Application and Web Services [24]
Chapter 20 – Hosting Multiple Web Applications [25]
Chapter 21 – Code Review [26]
Chapter 22 – Deployment Review [27]

Também não posso deixar de falar do Guide do OWASP e do Top10 que foi traduzido pelo capítulo Brasil do OWASP.

OWASP Guide [28]
Top10 OWASP [Português] [29]

Participem da lista de discussão [30] do OWASP Brasil


Article printed from Wagner Elias – Think Security First: http://wagnerelias.com

URL to article: http://wagnerelias.com/2006/08/04/application-security/

URLs in this post:

[1] Image: http://photos1.blogger.com/blogger/202/1295/1600/ApplicationSecurity.gif

[2] Image: http://photos1.blogger.com/blogger/202/1295/1600/ApplicationDecomposition.gif

[3] Image: http://photos1.blogger.com/blogger/202/1295/1600/InputValidation.gif

[4] Image: http://photos1.blogger.com/blogger/202/1295/1600/threatmodeling.gif

[5] Image: http://photos1.blogger.com/blogger/202/1295/1600/TreeAtack.gif

[6] Chapter 1- Web Application Security Fundamentals: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh01.asp

[7] Chapter 2 – Threats and Countermeasures: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh02.asp

[8] Chapter 3 – Threat Modeling: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh03.asp

[9] Chapter 4 – Design Guidelines for Secure Web Applications: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh04.asp

[10] Chapter 5 – Architecture and Design Review for Security: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh05.asp

[11] Chapter 6 - .NET Security Overview: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh06.asp

[12] Chapter 7 – Building Secure Assemblies: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh07.asp

[13] Chapter 8 – Code Access Security in Practice: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh08.asp

[14] Chapter 9 – Using Code Access Security with ASP.NET: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh09.asp

[15] Chapter 10 – Building Secure ASP.NET Pages and Controls: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh10.asp

[16] Chapter 11 – Building Secure Serviced Components: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh11.asp

[17] Chapter 12 – Building Secure Web Services: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh12.asp

[18] Chapter 13 – Building Secure Remoted Components: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh13.asp

[19] Chapter 14 – Building Secure Data Access: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh14.asp

[20] Chapter 15 – Securing Your Network: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh15.asp

[21] Chapter 16 – Securing Your Web Server: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh16.asp

[22] Chapter 17 – Securing Your Application Server: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh17.asp

[23] Chapter 18 – Securing Your Database Server: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh18.asp

[24] Chapter 19 – Securing Your ASP.NET Application and Web Services: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh19.asp

[25] Chapter 20 – Hosting Multiple Web Applications: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh20.asp

[26] Chapter 21 – Code Review: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh21.asp

[27] Chapter 22 – Deployment Review: http://msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh22.asp

[28] OWASP Guide: http://www.owasp.org/index.php/OWASP_Guide_Project

[29] Top10 OWASP [Português]: http://owasp.securenet.com.br/index.php/Main_Page

[30] lista de discussão: http://lists.owasp.org/mailman/listinfo/owasp-brazil

Copyright © 2007 Wagner Elias - Think Security First | BCP, BIA, DRP, Security Assessment, Risk Assessment, Security Developer. All rights reserved.