Jun 25, 2012 12:12 PM|grundebar|LINK
PS - Here is a link to more information
about the application lifecycle if you want to go down the global.asax route.
Also, I forgot to mention that some hack attempts are automatically handled by either iis or the application. For example (I probably should verify this), extra long urls that could potentially give your app fits automatically return a 413 status code.