Developing a Secure Site

This section focuses on the steps you should take to design and develop a secure site. It includes content, used with permission from the authors, from the excellent book, Writing Secure Code, by Michael Howard and David LeBlanc (Microsoft Press, 2002). Before you begin developing your Commerce Server site, it is strongly recommended that you read Writing Secure Code.

For detailed instructions about deploying a secure Commerce Server site, see Deploying a Secure Site.

This section contains:

• Security Design by Threat Modeling
• Writing Secure Code
• Common Web Security Mistakes
• Cross-site Scripting Issues
• Building SQL Statements Securely
• Running with Least Privilege
• Preventing Denial of Service Attacks

Copyright © 2005 Microsoft Corporation.
All rights reserved.