OFFERS

Security for ASP.NET Developers
Integrated Security ASP.Net: Are you concerned about your ASP.NET application security issues? Compuware’s DevPartners integrated SecurityChecker software will help you to locate security vulnerabilities in your ASP.NET applications. Learn more about using SecurityChecker for improving your ASP .NET code based security.

Increasingly, ASP.NET developers are being asked to wear two hats; one as a developer of applications that work in very complex distributed environments, and the other as a security expert who must build security into ASP.NET applications during development.

Not surprisingly, with development time at a premium, security is often shortchanged. Ideally, developers need a tool that automates many tasks related to discovering and resolving security Issues during development—a tool that literally becomes a security expert on the developer’s behalf. Compuware’s DevPartner SecurityChecker is designed to do just that: locate security vulnerabilities in ASP.NET applications, while fitting smoothly into the development process.

ASP.NET and security

Microsoft’s ASP.NET is well on its way to becoming the premier framework for web-based applications. Coupled with Visual Studio .NET, ASP.NET creates a well-architected platform developers can use to quickly erect multi-tier web applications. Applications exposed to the web, however, are also exposed to attack. The ongoing growth of the web guarantees an increase in both the amount of code placed on the Internet and the population of users for that code. IDC forecasts that within five years, the number of Internet users will double, and Internet commerce will increase ten-fold. In most cases, users will access an organization’s web-based applications in absolutely benign and altogether proper ways. But the Internet’s citizenry is not entirely well-mannered. There’s no need to recount the numerous news stories of hacker break-ins to justify this point.

In addition, as applications grow more complicated, the task of safeguarding an application grows more complicated as well. Web of applications that work in very complex distributed environments, and the other as a security expert who must build security into ASP.NET applications during development. Not surprisingly, with development time at a premium, security is often shortchanged. Ideally, developers need a tool that automates many tasks related to discovering and resolving security Issues during development—a tool that literally becomes a security expert on the developer’s behalf. Compuware’s DevPartner SecurityChecker is designed to do just that: locate security vulnerabilities in ASP.NET applications, while fitting smoothly into applications are not monolithic structures; they are assemblages of interoperating, yet unalike, modules that carry out different duties (just as the human body contains dissimilar internal organs—each executing its specific job). Where these modules connect to one another—their seams—can become entrances through which an assailant can launch an attack on the application.

Cast in a different analogy, a web-based application is like a building with many doors and windows. Most are necessary to support the in-and-out flow of information. Some, however, represent openings into areas that hold sensitive information, or into control rooms from which an assailant can launch an attack into a system’s interior.

It has become the application developer’s task to see that only the appropriate doors and windows are unlocked and unlatched, and that only legitimate traffic passes through. There are so many points from which an application can be assaulted, however, that you cannot reasonably expect even the best programmer to examine them all. Nevertheless, it is a fact that developers must undertake most of the work needed to secure an application.

To download pdf version of this paper, click on link below

If you're interested in this topic, these articles may be helpful:

Build and consume an ASP.NET Web service
by Patrick Barnes, freelance Web application developer, author, and co...
Introduction to Eiffel.NET, part three: design by contract
by Daniele Pagano In Part One I introduced Eiffel and talked about ...
Building web services with Visual Studio .NET
Understanding how web services work is key to using Visual Studio .NET...
ASP.NET tutorial: adding records to a database using ADO.NET, Access Database, and Visual Basic.NET (VB.NET)
from EALabs Inc. - EAServe.com Adding records to Access database us...
Introduction to Eiffel.NET, part one: the Eiffel language basics
by Daniele Pagano Eiffel is an object-oriented language developed...

Related Jobs:

Software Developer (Java/C/Oracle/Unix) #JH-2120 - NC - Charlotte - Management Systems Designers, Inc.
Candidates must have: • A minimum of three years’ experience as a s...
Senior Java Developer #410214 - VA - Fairfax - McDonald Bradley, Inc.
410214 - Senior Java Developer Jun 12, 2007 Fairfax, Virginia ...
Senior Software Developer #2638 - MA - Littleton - S1 Corporation
Job Description: Software Developer S1 is currently seeking a tale...
Software Engineer II #766659 - CA - San Jose - Cisco Systems, Inc.
Network Software and Systems Technology Group (NSSTG) at Cisco Systems...
Java Web Developer #1519 - FL - Tampa - RCG Information Technology
Primary Responsibilities: " Translating the UML Analysis Model in...
Project Manager -IT Applications #853733 - TX - Plano - Networks Associates Technology, Inc.
Position Summary: McAfee creates best-of-breed computer security solu...
Programmer/Analyst -H #211259-598-H - NM - White Sands - NCI Information Systems, Inc.
Programmer/Analyst -H Tracking Code 211259-598-H WS Job Descriptio...
Software Engineer I #766658 - CA - San Jose - Cisco Systems, Inc.
Network Software and Systems Technology Group (NSSTG) at Cisco Systems...
Lead Software Engineer #TEC00001470 - NY - Rochester - The Thomson Corporation
Lead Software Engineer – TEC00001470 Job Description ...
Senior Software Engineer #CTg-137 - MA - Boston - Pearson Education
Title: Senior Software Engineer Req Number: CTg-137 Date Opened: F...