Security and Operations

Application Security

Application security posture and requirements vary based on the type of application, scale of deployment, and choice of environment, but there are common principles and practices that serve as solid foundations across all types of applications.

The key principle for developing secure .NET applications is ensuring that requests from upstream users and systems are trusted, and ensuring that requests sent to downstream systems are also trusted. Applications need to safeguard any credentials or sensitive information they require to operate, control the exposure of the data they process, and integrate with security providers in a protected and maintainable way.

Running applications in a secure manner starts with developing secure applications, but also requires operating them in a secure environment. Security is the highest priority at AWS, and there are various AWS services that can help meet the requirements of the most security-sensitive organizations.

The following sections focus on developing secure applications. For more information on security, including auditing, data governance, network security, and encryption in transit and at rest, see AWS Cloud Security.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Seamless Integration with Azure DevOps

Monitoring