To increment the security of the ASP.NET ViewState data you must enable the encryption of the data. To do that, you can choose between two option: 1 - By the web.config file:   <configuration>       <system.web>       <pages viewStateEncryptionMode="Always" /> Through this option you will enable the encryption of the ViewState data for all the application pages. 2 -  By the page: <%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" ViewStateEncryptionMode="Always" %> Make attention on the ViewStateEncryptionMode. In this case you enable the encryption...

Today I have read about this cool plug-in for Visual Studio 05. It detect whole the XSS problem in your asp.net web application. You can download it here. Tags: Security, SDL

In my italian blog version I'm posting some chapter summaries about SDL: The Security Development LifeCycle. You can find something like my summaries, and better than mines, in the following blogs: .NET Security Blog The Security Development LifeCycle   I think that the security topic is the most hot point of the new application era and I think that the more the applications will be linked witch each other (to share data and process), the more security will be a key point of software development in the...