Develop Secure

Learn about basic security issues for ASP.NET MVC organised by OWASP issue.

For day to day development I would note A1 Injection, A3 Cross-Site Scripting (XSS), A4 Insecure Direct Object References and A8 Cross-Site Request Forgery (CSRF) to begin with as these are fairly practical issues your entire team need to understand.

OWASP: A1 Injection

OWASP: A2 Broken Authentication and Session Management

OWASP: A3 Cross-Site Scripting (XSS)

OWASP: A4 Insecure Direct Object References

OWASP: A5 Security Misconfiguration

OWASP: A6 Sensitive Data Exposure

  • Coming Soon

OWASP: A7 Missing Function Level Access Control

OWASP: A8 Cross-Site Request Forgery (CSRF)

OWASP: A9 Using Components with Known Vulnerabilities

OWASP: A10 Unvalidated Redirects and Forwards

General Articles