Microsoft ASP.NET provides powerful tools for developing robust and dynamic web applications. However, its architecture is peculiar and requires an understanding of specific design patterns and development techniques. Not unlike other web applications and software systems, inherent risks exist in ASP.NET applications that could leave the system susceptible to many kinds of attacks. Building upon the Security Foundations: .NET course, this course provides a comprehensive overview of the security issues and common developer pitfalls affecting ASP.NET applications written in C#. This course covers risks common to most web applications as well as typical .NET-specific risks. Each module concentrates on areas related to defensive programming for ASP.NET C# applications and includes code analysis and remediation exercises. The course is also supported by several interactive demonstrations and hands-on lab exercises.