Basic Guidelines for Secure Web Applications

Web applications accessible to the public Internet are guaranteed to be the target of random or focused attempts at mischief or abuse and recovering from a root compromise always painful. At a minimum, web applications require the planned design and consistent implementation of diverse technologies based on:

Microsoft web developers should also be very familiar with ASP.NET Web Application Security [].

Developers of e-commerce websites should also be familiar with PCI Security Standards [] for payment card processing.