Cover image for ASP.NET Core Security

ASP.NET Core Security

Author Christian Wenz
Release Date: 2022/07/01
ISBN: 9781633439986
Topic:
0%
31
Chapters
0-1
Hours read
0k
Total Words
    Start Reading Now    
       Add to Wishlist       
View table of contents

Secure your ASP.NET applications before you get hacked! This practical guide includes secure coding techniques with annotated examples and full coverage of built-in ASP.NET Core security tools.

In ASP.NET Core Security, you will learn how to:

  • Understand and recognize common web app attacks
  • Implement attack countermeasures
  • Use testing and scanning tools and libraries
  • Activate built-in browser security features from ASP.NET
  • Take advantage of .NET and ASP.NET Core security APIs
  • Manage passwords to minimize damage from a data leak
  • Securely store application secrets

ASP.NET Core Security teaches you the skills and countermeasures you need to keep your ASP.NET Core apps secure from the most common web application attacks. With this collection of practical techniques, you will be able to anticipate risks and introduce practices like testing as regular security checkups. You’ll be fascinated as the author explores real-world security breaches, including rogue Firefox extensions and Adobe password thefts. The examples present universal security best practices with a sharp focus on the unique needs of ASP.NET Core applications.

About the Technology
Your ASP.NET Core applications are under attack now. Are you ready? Th ere are specific countermeasures you can apply to keep your company out of the headlines. This book demonstrates exactly how to secure ASP.NET Core web applications, including safe browser interactions, recognizing common threats, and deploying the framework’s unique security APIs.

About the Book
ASP.NET Core Security is a realistic guide to securing your web applications. It starts on the dark side, exploring case studies of cross-site scripting, SQL injection, and other weapons used by hackers. As you go, you’ll learn how to implement countermeasures, activate browser security features, minimize attack damage, and securely store application secrets. Detailed ASP.NET Core code samples in C# show you how each technique looks in practice.

What's Inside
  • Understand and recognize common web app attacks
  • Testing tools, helper libraries, and scanning tools
  • Activate built-in browser security features
  • Take advantage of .NET and ASP.NET Core security APIs
  • Manage passwords to minimize damage from a data leak


About the Reader
For experienced ASP.NET Core web developers.

About the Author
Christian Wenz is a web pioneer, consultant, and entrepreneur.

Quotes
The best book I’ve found on ASP.NET security. Goes into details that I never even thought about, which is a little scary. Great job!
- Tom Gueth, Binary Star Technology

If you care about security, you need to read this book.
- Darren Gillis, Alibi Software

Even experienced security professionals will learn something new from this book.
- Dorogoy Dmitry Sergevich, One Inc

Clear and detailed. This book is a joy, and I highly recommend it for beginners and advanced developers alike.
- Nik Rimington, Spindogs

Write secure code by thinking how others will try to break it.
- Marcin Sęk, e-Xim IT

Table of Contents

  1. ASP.NET Core Security
  2. Copyright
  3. dedication
  4. contents
  5. front matter
  6. Part 1 First steps
  7. 1 On web application security
  8. Part 2 Mitigating common attacks
  9. 2 Cross-site scripting (XSS)
  10. 3 Attacking session management
  11. 4 Cross-site request forgery
  12. 5 Unvalidated data
  13. 6 SQL injection (and other injections)
  14. Part 3 Secure data storage
  15. 7 Storing secrets
  16. 8 Handling passwords
  17. Part 4 Configuration
  18. 9 HTTP headers
  19. 10 Error handling
  20. 11 Logging and health checks
  21. Part 5 Authentication and authorization
  22. 12 Securing web applications with ASP.NET Core Identity
  23. 13 Securing APIs and single page applications
  24. Part 6 Security as a process
  25. 14 Secure dependencies
  26. 15 Audit tools
  27. 16 OWASP Top 10
  28. index
  29. inside back cover
18.191.84.32