Developing More-Secure Microsoft ASP.Net 2.0 Applications

I am an ASP.NET newbie and found this book very helpful in understanding authentication, authorization, role based security, input validation etc. I am a desktop developer and found the web development model difficult to understand initially but this book cleared up my mind in the security related parts. The book is written in a very clear and concise manner and uses diagrams to explain concepts which which I found very helpful. There are practical advices sprinkled all over the book along with the "why" of it. In short, this is a very well written book which improved my asp.net knowledge and skills considerably. Highly recommended.

I really wish I could give this book 6 stars, it has been an indespensable resource for learning techniques to develop more secure applications. With so many dangers lurking out there it is increasingly important to not only be able to develop secure applications but to understand the .net security mechanisms as well. This book will leave no questions unanswered, if for no other reason purchase this book for chapter 8 on partial trust, I have not come across any resource that covered this topic so thoroughly. It's treatment of sandboxing and code partitioning alone make the book worth every penny paid. If your looking to continually improve the quality of your code and sites don't leave this book off your list.

This is a book by a MS Developer Security MVP for any and all developers writing ASP.NET 2.0 applications. Not only does it cover all the usual suspects and provides practical prescriptive guidance on how to deal with them with examples; it also deals with the tough "hot topics" like partial trust. The book is both complete in breadth and depth and really does provide a single good reference book on ASP.NET security. I can not recomend it with more guster. Confession I helped write the tools chapter which is why I know (and yes I am a fellow MS Developer Security MVP)!