homepage | Channel 9

http://msdn2.microsoft.com/en-us/library/ms998408.pponline(en-us,MSDN.10).gif

Welcome to patterns & practices Security Wiki

This is where we put our latest thoughts and discoveries in software security. Members from this team previously brought you Building Secure ASP.NET Applications and Improving Web Application Security. We are constantly talking to customers, industry experts, and security experts to bring you the latest and greatest. Come here to see the new, the raw, and the unfiltered; see MSDN for the most mature and fully reviewed material (Index of patterns & practices Security Guidance on MSDN
-- J.D. Meier , Security/Performance PM, patterns & practices team

What's New

* Recent Changes

Projects

* Security Guidance for .NET 2.0 Project

Technology

* .NET Framework 1.1
* .NET Framework 2.0
* ADO.NET 1.1
* ADO.NET 2.0
* ASP.NET 1.1
* ASP.NET 2.0

Type

* Case Studies
* Code Examples
* Checklists
* Explained
* FAQs
* Guides
* Guidelines
* How Tos
* Links
* Practices
* Reference Implementations
* Question Lists
* Scenarios and Solutions
* Security Stories
* Test Cases
* Tools
* Training Modules

Topic

* Application Security Methodology
* Database Server Security
* Information Models
* Security Code Review
* Security Deployment Review
* Security Design Guidelines
* Security Design Review
* Security Engineering
* Server Security Methdology
* Threat Modeling
* Web Application Security
* Web Server Security

Methodology

At the base of any good guidance is a solid methodology. Think of methodology as the skeleton. If you are curious about the underlying principles that we’ve used to think about security then explore these links.
* Application Security Methodology
* Security Engineering
* Server Security Methodology

Community

* Community Code Examples
* Shaping Software: http://ShapingSoftware.com
* Software Guidance Share: http://www.guidanceshare.com/wiki
* Sources of Insight: http://sourcesofinsight.com

How To Use This Wiki

If this is your first visit to this site, or your first exposure to a Wiki then you’ll find the following links useful:
* Test Drive Security Wiki – Explains each type of resource we’ve posted and gives an example of the best of each.
* Getting Started with Security Wiki – If you’re new to the wiki concept then read this to learn more.
* Subscribe to the RSS Feed – If you want to be updated when new content is posted, read this to learn how.

Feedback

You need to login to Channel9 to comment in the Wiki.
* To give general feedback, use Security Wiki Feedback
* Share your security story at Security Stories
* To give feedback on a specific page, see How to Provide Feedback

http%3a//msdn2.microsoft.com/en-us/library/ms998408.pponline%28en-us%2cMSDN.10%29.gif
%21%21 Welcome to patterns %26 practices Security Wiki
_This is where we put our latest thoughts and discoveries in software security. Members from this team previously brought you *Building Secure ASP.NET Applications* and *Improving Web Application Security*. We are constantly talking to customers%2c industry experts%2c and security experts to bring you the latest and greatest.  Come here to see the new%2c the raw%2c and the unfiltered%3b see MSDN for the most mature and fully reviewed material %28%5bIndex of patterns %26 practices Security Guidance on MSDN%7cPatternsAndPracticesSecurityGuidanceOnMSDN%29.%5d_
-- %5burl%3aJ.D. Meier%7chttp%3a//blogs.msdn.com/jmeier%5d %2c Security/Performance PM%2c patterns %26 practices team
 
%21%21%21 What%27s New
	* %5burl%3aRecent Changes%7chttp%3a//channel9.msdn.com/wiki/lastmodified.aspx%3fnamespace%3dSecurityWiki%5d
 
%21%21 Projects
	* %5bSecurity Guidance for .NET 2.0 Project%7cSecurityGuidanceForNETv2AboutThisProject%5d
 
%21%21 Technology
	* %5b.NET Framework 1.1%7cNETFrameworkHub%5d
	* %5b.NET Framework 2.0%7cNETFrameworkV2Hub%5d
	* %5bADO.NET 1.1%7cADONETHub%5d
	* %5bADO.NET 2.0%7cADONETv2Hub%5d
	* %5bASP.NET 1.1%7cASPNETHub%5d
	* %5bASP.NET 2.0%7cASPNET2Hub%5d
 
%21%21  Type
	* %5bCase Studies%7cCaseStudies%5d
	* %5bCode Examples%7cCodeExamples%5d
	* %5bChecklists%5d
	* %5bExplained%5d
	* %5bFAQs%5d
	* %5bGuides%5d
	* %5bGuidelines%5d
	* %5bHow Tos%7cHowTos%5d
	* %5bLinks%5d
	* %5bPractices%5d
	* %5bReference Implementations%7cReferenceImplementations%5d
	* %5bQuestion Lists%7cQuestionLists%5d
	* %5bScenarios and Solutions%7cScenariosAndSolutions%5d
	* %5bSecurity Stories%7cSecurityStories%5d
	* %5bTest Cases%7cTestCases%5d
	* %5bTools%7cSecurityTools%5d
	* %5bTraining Modules%7cSecurityTrainingModules%5d
 
 
%21%21 Topic
	* %5bApplication Security Methodology%7cApplicationSecurityMethodology%5d
	* %5bDatabase Server Security%7cDatabaseServerSecurity%5d 
	* %5bInformation Models%7cInformationModels%5d
	* %5bSecurity Code Review%7cSecurityCodeReview%5d
	* %5bSecurity Deployment Review%7cSecurityDeploymentReview%5d
	* %5bSecurity Design Guidelines%7cSecurityDesignGuidelines%5d
	* %5bSecurity Design Review%7cSecurityDesignReview%5d
	* %5bSecurity Engineering%7cSecurityEngineering%5d
	* %5bServer Security Methdology%7cServerSecurityMethodology%5d
	* %5bThreat Modeling%7cThreatModeling%5d
	* %5bWeb Application Security%7cWebApplicationSecurity%5d 
	* %5bWeb Server Security%7cWebServerSecurity%5d
 
%21%21 Methodology
At the base of any good guidance is a solid methodology. Think of methodology as the skeleton.  If you are curious about the underlying principles that we’ve used to think about security then explore these links.
	* %5bApplication Security Methodology%7cApplicationSecurityMethodology%5d
	* %5bSecurity Engineering%7cSecurityEngineering%5d
	* %5bServer Security Methodology%7cServerSecurityMethodology%5d
 
%21%21 Community
	* %5bCommunity Code Examples%7cCommunityCodeExamples%5d
	* Shaping Software%3a %5bhttp%3a//ShapingSoftware.com%5d
	* Software Guidance Share%3a http%3a//www.guidanceshare.com/wiki
                     * Sources of Insight%3a http%3a//sourcesofinsight.com
 
 
 
%21%21 How To Use This Wiki
If this is your first visit to this site%2c or your first exposure to a Wiki then you’ll find the following links useful%3a
	* %5bTest Drive Security Wiki%7cTestDriveSecurityWiki%5d – Explains each type of resource we’ve posted and gives an example of the best of each.
	* %5bGetting Started with Security Wiki%7cGettingStartedWithSecurityWiki%5d – If you’re new to the wiki concept then read this to learn more.
	* %5bSubscribe to the RSS Feed%7cSubscribeToTheRSSFeed%5d – If you want to be updated when new content is posted%2c read this to learn how.
 
 
%21%21 Feedback
You need to login to Channel9 to comment in the Wiki.
	* To give general feedback%2c use %5bSecurity Wiki Feedback%7cSecurityWikiFeedback.%5d
	* Share your security story at %5bSecurity Stories%7cSecurityStories.%5d
	* To give feedback on a specific page%2c see %5bHow to Provide Feedback%7cHowToProvideFeedbackForSecurityWiki.%5d