**Programmers: protect and defend your Web apps against attack!** You may know ASP.NET, but if you don’t understand how to secure your applications, you need this book. This vital guide explores the often-overlooked topic of teaching programmers how to design ASP.NET Web applications so as to prevent online thefts and security breaches. You’ll start with a thorough look at ASP.NET 3.5 basics and see happens when you *don’t* implement security, including some amazing examples. The book then delves into the development of a Web application, walking you through the vulnerable points at every phase. Learn to factor security in from the ground up, discover a wealth of tips and industry best practices, and explore code libraries and more resources provided by Microsoft and others. * Shows you step by step how to implement the very latest security techniques * Reveals the secrets of secret-keeping—encryption, hashing, and *not* leaking information to begin with * Delves into authentication, authorizing, and securing sessions * Explains how to secure Web servers and Web services, including WCF and ASMX * Walks you through threat modeling, so you can anticipate problems * Offers best practices, techniques, and industry trends you can put to use right away Defend and secure your ASP.NET 3.5 framework Web sites with this must-have guide.