Application Security | Information Security | SIU

APPLICATION SECURITY

National Security Agency application security guides 

(includes BEA WebLogic, .NET, Office, Exchange, PKI, SMS) 

National Security Agency database security guides (Oracle, SQL Server)

National Security Agency web servers and browsers security guides 

Center for Internet Security (Exchange, Oracle, Apache):www.cisecurity.org/

Securing ASP and ASP.NET

• ASP.NET Security: 8 Ways to Avoid Attack
  https://www.devx.com/security-zone/20898/ 
• Securing ASP using Microsoft IIS metabase
  www.developerfusion.co.uk/show/1831/1/ 
• Securing ASP.NET
  msdn.microsoft.com/en-us/library/ff649100.aspx
• Securing ASP.Net configuration
  msdn2.microsoft.com/en-us/library/ms178699 

JSP Security

• Java server pages technology
  java.sun.com/products/jsp/

SQL Injection Protection

• Prevent SQL Injection Attacks
  msdn.microsoft.com/en-us/library/ff648339.aspx
• SQL Injection: Are your web application vulnerable?
  www.cgisecurity.com/lib/SQLInjectionWhitePaper.pdf
• Database Security and SQL injection
  www.cgisecurity.com/development/sql.shtml

Oracle Security Guides

• Oracle Security
  www.cgisecurity.com/oracle-security.html

MySql Security

• General Security Guideline
  dev.mysql.com/doc/refman/5.0/en/security-guidelines.html
• Secure MySql database design
  www.securityfocus.com/infocus/1667
• MySQL Security
  www.cgisecurity.com/mysql-security.html
• Making MySql secure against attackers
  dev.mysql.com/doc/refman/5.0/en/security-against-attack.html

Adding SSL to Apache

• Generating and installing an SSL certificate on an Apache web server with the mod_ssl module
  slacksite.com/apache/certificate.html
• Security Solutions with SSL
  www.modssl.org/docs/apachecon2001/slide-001-n.html