Understand and stop the hacks you read about in the headlines! This practical guide includes secure code samples, built-in ASP.NET tools, and insider techniques to help your web applications stay safe and secure.
In ASP.NET Core Security
, you will learn how to:
ASP.NET Core Security
- Understand common attacks against web applications
- Implement attack countermeasures
- Use testing tools, helper libraries, and scanning tools to improve security
- Utilize built-in browser security features and activate them from ASP.NET Core applications
- Handle security APIs in .NET and ASP.NET Core
- Correctly manage passwords to minimize the damage done by a data leak
- Securely store application secrets so that they are not accessible to an attacker
delivers the skills and countermeasures you need to keep your ASP.NET apps secure from the most common web application attacks. It gives you an invaluable security mindset to help you anticipate risks and introduce practices like testing as regular security checkups. The examples focus on the unique needs of ASP.NET applications, and also offer universal security best practices essential for any professional web developer.
about the technology
Nine out of ten web applications have security vulnerabilities. Apps built with the Microsoft stack are no different. This book lays out everything you need to know to secure your ASP.NET web applications, including unique security APIs, browser interactions, and common threats.
about the book
ASP.NET Core Security
is a practical and hands-on guide to securing web applications built with ASP.NET. Written by Christian Wenz, a 20-year veteran of web security, it reveals attacks that threaten your apps and introduces the built-in ASP.NET features you can use to defend against them.
You’ll start on the dark side, exploring the weapons used by hackers, such as cross-site scripting, session theft, and SQL injection. Each attack is illustrated with a use case plucked from the headlines, including rogue Firefox extensions and Adobe password thefts. And you’ll really appreciate the detailed C# code samples that show you how exactly to prevent these attacks! You’ll learn how to implement countermeasures, activate browser security features with ASP.NET, and securely store application secrets to keep them safe from attack.
about the reader
For experienced ASP.NET web developers.
about the author
is a web pioneer, technology specialist, and entrepreneur. Since 1999, he has written close to 150 books on web technologies and related topics, which have been translated into ten languages. In his day job, he consults enterprises on digitization and Industry 4.0. A fixture at international developer conferences, he has presented on three continents. Christian has been an MVP for ASP.NET since 2004, is the lead author of the official PHP certification, and sporadically contributes to OSS projects. He holds university degrees in computer science and business informatics and is a two-time recipient of a Knuth award check.