Author
Christian Wenz
Released
8/7/2019- OWASP Top Ten vulnerabilities
- Cross-site scripting
- SQL injection
- Cross-site request forgery
- Storing secrets
- Encrypting Web.config settings
- Password hashing
- Authenticating in the app
- Securing cookies and sessions
- Error handling
Skill Level Intermediate
Duration
Views
- [Christian] According to a recent study, nine out of 10 web applications have security vulnerabilities. Most of the time, it's the developer's fault, unfortunately. In other words, making a web application secure seems to be virtually impossible. Fortunately, there is hope. ASP.net comes with some built-in security features, some that are activated by default, but some need configuration, or even some coding to work. These security features are countermeasures for the most common and dangerous attacks. As you will see, ASP.net is highly configurable in terms of web application security. In this LinkedIn Learning course, I dive into all the risks and ASP.net application phases and how developers can mitigate them. My name is Christian Wenz. I started with web application security in the late 1990s and never looked back. Join me in making web applications more secure. Let's get started.
-
Introduction
-
Security is important!2m 39s
-
What you should know1m 22s
-
Sample application tour3m 15s
-
1. Mitigating Common Attacks
-
OWASP Top 103m 36s
-
Same-origin policy and CORS5m 12s
-
SQL injection with ADO.NET3m 56s
-
Fixing SQL injection4m 27s
-
Defending against CSRF4m 24s
-
-
2. Storing Data
-
Encrypting Web.config4m 21s
-
Azure Key Vault2m 36s
-
Password hashing1m 20s
-
3. Starting with IdentityServer
-
On IdentityServer4m 33s
-
Authenticating in the app4m 45s
-
Authorizing in the app2m 56s
-
-
4. Secure Configuration
-
Introduction27s
-
Securing cookies6m 11s
-
Securing sessions6m 7s
-
Enforcing HTTPS3m 12s
-
Error handling4m 6s
-
Hiding server information2m 50s
-
Security HTTP headers4m 15s
-
-
Conclusion
-
Next steps2m 23s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Unhackable ASP.NET applications