From edc23fc07be65735f30940323271be6162d0c20b Mon Sep 17 00:00:00 2001 From: Jim Manico Date: Wed, 6 Mar 2024 14:39:36 +0100 Subject: [PATCH] Update cheatsheets/DotNet_Security_Cheat_Sheet.md Co-authored-by: Shlomo Zalman Heigh --- cheatsheets/DotNet_Security_Cheat_Sheet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cheatsheets/DotNet_Security_Cheat_Sheet.md b/cheatsheets/DotNet_Security_Cheat_Sheet.md index 496939e331..699e48ae97 100644 --- a/cheatsheets/DotNet_Security_Cheat_Sheet.md +++ b/cheatsheets/DotNet_Security_Cheat_Sheet.md @@ -794,7 +794,7 @@ DO NOT: Send unsigned or unencrypted serialized objects over the network DO: Perform integrity checks or validate digital signatures on serialized objects received from the network -DO NOT: Use the BinaryFormatter type which is dangerous and not recommended for data processing. +DO NOT: Use the BinaryFormatter type which is dangerous and [not recommended](https://learn.microsoft.com/en-us/dotnet/standard/serialization/binaryformatter-security-guide) for data processing. NET offers several in-box serializers that can handle untrusted data safely: - XmlSerializer and DataContractSerializer to serialize object graphs into and from XML. Do not confuse DataContractSerializer with NetDataContractSerializer. - BinaryReader and BinaryWriter for XML and JSON.
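Review bot: on the changed line, the link text "not recommended" is the only anchor, so a reader skimming the cheat sheet cannot tell where it goes; consider naming the target, e.g. `DO NOT: Use the BinaryFormatter type, which is dangerous and not recommended for data processing (see Microsoft's [BinaryFormatter security guide](https://learn.microsoft.com/en-us/dotnet/standard/serialization/binaryformatter-security-guide)).` The same edit fixes the missing comma before "which" that the original line already had. Two pre-existing issues in the trailing context of this hunk are worth a follow-up in the same PR: "NET offers several in-box serializers" has lost its leading dot (".NET offers"), and "BinaryReader and BinaryWriter for XML and JSON" is misleading, since those two types read and write primitive binary values, not XML or JSON.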