Locking down an ASP.NET application
ASP.NET process identity security considerations
Using Aspnet_setreg.exe to encrypt account credentials in configuration files
Enforcing machine-wide and Web application security policy
Accessing resources securely from ASP.NET
Securing a Web service configuration
Securing a Forms authentication configuration
Securing ASP.NET session state and view state
Securing a Web farm
A reference table that illustrates a secure ASP.NET application
Attributes of a secure ASP.NET application