Security Guidelines and Recommendations

There's a great deal of good prescriptive security guidance out there in the form of whitepapers and books.

Whitepapers

• patterns & practices Security Guidance for .NET Framework 2.0
• patterns & practices ASP.NET 2.0 Security Guidance
• patterns & practices ASP.NET 1.1 Security Guidance
• Improving Web Application Security: Threats and Countermeasures
• Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication
• Threat Modeling Web Applications - patterns & practices
  This guidance presents the patterns & practices approach to creating threat models for Web applications. Threat modeling is an engineering technique you can use to help you identify threats, attacks, vulnerabilities, and countermeasures that could affect your application.

 Code Review Checklists

• Security Checklist: .NET Framework 2.0
• Security Checklist: ADO.NET 2.0
• Security Checklist: ASP.NET 2.0

Enjoy!