How to Videos: .NET Security Topics
The MSDN folks have been releasing short "How to" videos over the past few months. Recently they've released a series of "How Do I" Security videos for Developers of .NET Solutions. They are nice and short and you can learn very simple things that you can do to make your .NET Applications (especially your web apps) more secure.
Here's the original MSDN Page: Click here (Check out the videos below)
~ Robert Shelton
Cross Site Request Forgery is an attack that enables an attacker to send arbitrary HTTP requests from a victim user. In this video, Todd Miranda demonstrates a simple Cross Site Request Forgery attack and how to prevent it.
Presented by Todd Miranda on December 11, 2007
Length: 20 minutes 7 seconds
In this video, Hilton Giesenow demonstrates how to securely encrypt sections of your web.config file. The video covers the two out-of-box encryption providers, command-line encryption, and encryption from within your application.
Presented by Hilton Giesenow on December 11, 2007
Length: 11 minutes 55 seconds
In this video, Will DePalo discusses discretionary access control lists, a major security component of the Windows operating system. See how to grant and deny access to the files you create in Visual C++ applications by manipulating their access control lists.
Presented by Will DePalo on December 11, 2007
Length: 30 minutes 8 seconds