Following are the resources from my and Tin Zaw's talk @ 10th Annual SecureIT conference- “Practical Web Application Security and OWASP Top 10 implementation on Microsoft Platform”
- OWASP Top 10 Presentation
- AppSec Tutorial Videos
- OWASP Cheat Sheets
- ASP.NET MVC Best Practices
- Microsoft Partners in Learning
- OWASP 2010 Top 10 Cheat Sheet
- Free eBook: OWASP Top 10 for .NET developers
- Troy Hunt (MVP) OWASP Related posts
- Anti-Forgery Request Recipes For ASP.NET MVC And AJAX
- Microsoft Security Development Lifecycle
- Authorize Attribute
- OWASP Webgoat Project
- Keep your .config clean with external config files
- jQuery Ajax calls and the Html.AntiForgeryToken()
- Does ASP.NET Viewstate implicitly prevent CSRF attacks? What does this mean for MVC?
- Protecting against CSRF attacks in ASP.Net MVC
- Anatomy of a Cross-site Request Forgery Attack
- webgoat.mvc (kahanu fork - complete)
- Step by Step improvement in Guarding against CSRF in MVC
Happy Secure Coding!
