Special offers now — see discounted courses.
day
:
hour
:
min
:
sec
See special offers
ASP.NET: Security

ASP.NET: Security

2h 27mIntermediate2019-08-07

Authors

Christian Wenz

Christian Wenz

Web Pioneer, Technology Specialist, Entrepreneur

Course details

As many as nine out of ten web applications have security vulnerabilities. Luckily, ASP.NET developers have a multitude of security tools at their disposal, built right into the framework. Once activated, these features can prevent and mitigate the most common and dangerous types of attacks. Learn how to build on the basic security principles you may already know and incorporate practical solutions for defending your ASP.NET web applications. Instructor Christian Wenz explores the risks ASP.NET apps face, including the OWASP Top Ten vulnerabilities, cross-site scripting, and SQL injection, and countermeasures to combat them. Find out how to authenticate users with IdentityServer, store data securely, and harden your site's configuration with this practical, hands-on course that will transform your ASP.NET apps into impenetrable architectures.

Learning objectives
OWASP Top Ten vulnerabilities
Cross-site scripting
SQL injection
Cross-site request forgery
Storing secrets
Encrypting Web.config settings
Password hashing
Authenticating in the app
Securing cookies and sessions
Error handling

Skills covered

ASP.NETVisual StudioApplication SecurityFront-End Web DevelopmentCybersecurityWeb DevelopmentMicrosoftDeep Dive (X:Y)

Concepts

0. Introduction

  • 01 - Unhackable ASP.NET applications
  • 02 - Security is important
  • 03 - What you should know
  • 04 - Sample application introduction
  • 05 - Sample application tour

1. Mitigating Common Attacks

  • 06 - OWASP Top 10
  • 07 - Cross-site scripting (XSS) - The attack
  • 08 - Cross-site scripting (XSS) - The defense
  • 09 - Cross-site scripting (XSS) in JavaScript
  • 10 - Same-origin policy and CORS
  • 11 - Enabling CORS in ASP.NET Web API
  • 12 - SQL injection with ADO.NET
  • 13 - SQL injection with Entity Framework
  • 14 - Fixing SQL injection
  • 15 - Cross-Site Request Forgery (CSRF)
  • 16 - Defending against CSRF

2. Storing Data

  • 17 - Storing secrets in Web.config
  • 18 - Externalizing Web.config settings
  • 19 - Encrypting Web.config
  • 20 - Azure Key Vault
  • 21 - Managing the Key Vault with Azure Shell
  • 22 - Password hashing
  • 23 - Adding password hashing to the app

3. Starting with IdentityServer

  • 24 - On IdentityServer
  • 25 - Configuring IdentityServer
  • 26 - Authenticating against IdentityServer
  • 27 - Authenticating in the app
  • 28 - Authorizing against IdentityServer
  • 29 - Authorizing in the app

4. Secure Configuration

  • 30 - Introduction
  • 31 - Securing cookies
  • 32 - Securing sessions
  • 33 - Setting cookie attributes in the app
  • 34 - Enforcing HTTPS
  • 35 - Error handling
  • 36 - Hiding server information
  • 37 - Hiding more server information
  • 38 - Security HTTP headers

Conclusion

  • 39 - Next steps

Related courses

Related learn paths

About us

LyndaKade is a leading learning platform that helps people learn business, software, technology, and creative skills to achieve personal and professional goals.

Phone numberAparat ChannelTelegram SupportTelegram ChannelInstagram Page

All rights to this site belong to LyndaKade.

Terms of Service|Privacy Policy

نماد الکترونیک enamad در صورت اتصال با آی‌پی داخل کشور، نمایش داده خواهد شد.
logo-samandehi - لوگو ساماندهی
zarinpal
zibal