A collection of web app security links with focus on ASP.NET:
OWASP – The Open Web Application Security project is a worldwide community of professionals interested in security and a good starting point for securing your web apps. Some of the topics: Vulnerability, .NET Project, Cheat sheets, .NET Security Cheat Sheet, Top 10 security risks. Troy Hunt has some great Pluralsight courses about the Top 10 issues.
Top 10 Common Web Attacks from vpnMentor. Good summary of the OWASP Top 10 – 2017 edition. A good place to start (thanks to Qusai for the tip)
ASP.NET MVC Guidance: Security, Authentication and Authorization (ASP.NET site)
Security, Authentication, and Authorization in ASP.NET Web API (MS Docs)
ASP.NET Identity – Current MS stack for authentication and authorization in ASP.NET. Check the articles on security and especially the one on deployment, passwords and the cloud.
Troy Hunt – MS MVP, blogger and security expert. I really like his stuff. Take the list of topics of his Hack Yourself First workshop as inspiration, check out his Pluralsight courses and sign up for his newsletter. Love one of his recent posts Passwords Evolved: Authentication Guidance for the Modern Era.
Ten Immutable Laws Of Security (Version 2.0) – Security philosophy 101 from Microsoft. Makes you think.
.NET Blog – General and security-related information.
My own blog entries about security.