I have been working in the software development field for some time now and have been searching for a distilled list of how to approach Microsoft's .NET application with respect to OWASP. It seems I have found a great article developed by Troy Hunt over at http://www.troyhunt.com/2011/12/free-ebook-owasp-top-10-for-net.html This document is quite extensive for it's cause. I have found it to be a great asset for Microsoft .NET related concerns with respect to OWASP 2010 Top 10 list.
I'm working with some folks over at OWASP to help create a similar document for Java technologies. As developers we should really think about security in the development process instead of an afterthought which is how security usually is scoped. In my experience I have found many issues in software related to security and if developers would consider security a first-class citizen we would not be seeing vulnerabilities & breaches broadcast over the news channels every week.
For more info on this subject visit http://owasp.org for more info.
