Application security encompasses measures taken throughout the application’s life-cycle to prevent exceptions in the security policy of an application or the underlying system (vulnerabilities) through flaws in the design, development, deployment, upgrade, or maintenance of the application. Applications only control the use of resources granted to them, and not which resources are granted to them. They, in turn, determine the use of these resources by users of the application through application security. The next time you begin a project, stop and ask yourself the following questions. The best way to be successful is to prepare in advance and know what to …
This is the second article on the subject of DropDownList. If for any reason you missed the earlier post titled Series DropDownList: Binding XML Data to a DropDownList, I would recommend that you take the time and read that post as well. In part two of this series, I will focus on accomplishing cascading selections with your DropDownList. Since the bulk of the work was accomplished in DropDownList: Binding XML Data to a DropDownList, we will pick up from there. Web Form: Here we will incorporate a small change from the previous example. Notice that in this example I have …
Who doesn’t love XML? Extensible Markup Language (XML) is a markup language that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable. It is defined in the XML 1.0 Specification produced by the W3C, and several other related specifications, all gratis open standards. The design goals of XML emphasize simplicity, generality, and usability over the Internet. It is a textual data format with strong support via Unicode for the languages of the world. Although the design of XML focuses on documents, it is widely used for the representation of arbitrary data structures, …
Who doesn’t like free stuff? Here is a poster that covers application security that I hope you may find useful. I believe tidbits like this are great in terms of awareness. Download your copy today!
Many of you who work with Microsoft .NET are aware of the View State, and for those of you who are just getting started with .NET, please take the time to read the ASP.NET View State Overview over on the Microsoft Developer Network (MSDN). While the viewstate is necessary, it does not come without security concerns that you should understand, along with what you can do to mitigate the risks. The viewstate is a repository in an ASP.NET page that can store values that have to be retained during postback. The page framework uses view state to persist control settings between …
Stop and consider for a moment: what exactly is the best way to address web application security? If you place yourself into the mindset of a hacker, you may just find vulnerabilities that you might otherwise not have noticed. In this article, which is a follow-up to Secure Development Series: Input Validation, I will put forth the topic of peer reviews in hopes that you pause and consider what you can do to harden your applications. Just where do the largest number of vulnerabilities reside? While you may think the network poses the greatest risk and at …