ASP.NET Web Site Security

Security is a vital aspect of your ASP.NET Web applications. The topics in this section provide background information on security issues that arise in Web applications, on mitigating common security threats, protecting resources in your application, and on authenticating and authorizing individual users.

The topics in this section provide guidance on how to improve the security of your application through user authentication, authorization, data encryption, and more.


There are numerous threats and countermeasures to apply when securing an ASP.NET application. It is strongly recommended that you review and apply the guidance and checklists provided in the articles Improving Web Application Security: Threats and Countermeasures and Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication on the Microsoft Patterns and Practices Web site.

In This Section

  • ASP.NET Web Application Security
    Provides information on the security infrastructure in ASP.NET, and on ASP.NET features for authentication, authorization, and process impersonation.