Once again I'll be speaking at DevConnections this fall. One of my talks will tackle one of my main topics: web application security. I'll cover common (and some uncommon) attacks against web sites, discuss countermeasures and have a close look which safeguards ASP.NET offers, and where developers need to add some security code on their own.
As usual I plan to show a number of code demos, so I thought it would be a nice addition to present a list of important resources for topics I am covering in this session. The list tries to focus only on major sources for each topic, but feel free to use the comments to suggest additional websites.