Christian Wenz: ASP .NET Core Security - Episode 233
Azure & DevOps Podcast20 Helmi 2023

Christian Wenz: ASP .NET Core Security - Episode 233

Christian Wenz works as a consultant, trainer, and author with a focus on web technologies and is the author or co-author of over 100 computer books. He regularly contributes to various IT magazines and speaks at conferences around the globe. Christian holds a "Diplom" (the German equivalent of a master's degree) in Computer Sciences, and one in Business Informatics. In his day job, he is one of the founders of the web agency Arrabiata Solutions (http://www.arrabiata.com/) with offices in Munich, Germany, and in London, UK. He also frequently works with development teams to make their applications better performing, more secure, and more reliable.

Topics of Discussion:

[2:51] Has Christian really written over 100 computer books? Christian talks about the books and the high points of technology that he has worked in.

[7:16] What is the OWASP (Open Web Application Security Project) Top 10 list?

[10:33] You always have to be aware that something may go wrong, and have a security mindset.

[12:05] Again and again, make sure that you understand the fundamentals of web app security, because eventually, you will make a mistake in your code.

[12:30] What is insecure design?

[13:43] Christian talks about the enumeration scheme CWE: common weakness enumeration, which basically assigns a number to each risk or attack.

[17:00] How should people be logging into their web sessions now with .NET7?

[18:31] The major mistake you can make these days is to write your own authentication mechanism.

[23:57] What is Christian's favorite mechanism today for securing HTTP web services?

[31:05] What are some of the tools Christian always reaches for, and how do we differentiate between static auditing and dynamically auditing an application?

Mentioned in this Episode:

Clear Measure Way

Architect Forum

Software Engineer Forum

Programming with Palermo — New Video Podcast! Email us programming@palermo.network

Clear Measure, Inc. (Sponsor)

.NET DevOps for Azure: A Developer's Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!

Jeffrey Palermo's Twitter — Follow to stay informed about future events!

Architect Tips — Video podcast!

Azure DevOps

Christian Microsoft Profile

ASP.NET Core Security

Christian's Books on Amazon

OWASP

Identity Server

Dependabot

Security Code Scan

Configuring Code Scanning for a Repository

Want to Learn More?

Visit AzureDevOps.Show for show notes and additional episodes.

Jaksot(386)

Steve Sanderson: The future of Blazor and WebAssembly - Episode 202

Steve Sanderson: The future of Blazor and WebAssembly - Episode 202

Steve Sanderson is working as a developer for Microsoft in the team that brings you the ASP.NET technology stack, IIS, and other web things. Previously he developed .NET software as a contractor/consu...

18 Heinä 202239min

Greg Young: CQRS and EventSourcing- Episode 201

Greg Young: CQRS and EventSourcing- Episode 201

Greg Young is an independent consultant and serial entrepreneur. He has 10-plus years of varied experience in computer science from embedded operating systems to business systems and he brings a pragm...

11 Heinä 202238min

Tomas Petricek: Cultures of Programming - Episode 200

Tomas Petricek: Cultures of Programming - Episode 200

Tomas Petricek is a lecturer at the University of Kent and a partner at fsharpWorks. He believes that the most fundamental work is not the one solving hard problems, but the one that offers new ways o...

4 Heinä 202242min

Daniel Vacanti: Measuring Agile Software Teams - Episode 199

Daniel Vacanti: Measuring Agile Software Teams - Episode 199

Daniel is a 20-year software industry veteran who got his start as a Java Developer/Architect. He has spent most of the last 15 years focusing on Lean and Agile Practices. In 2007, he helped develop t...

27 Kesä 202238min

Andrew Lock: Web Applications in .NET6 - Episode 198

Andrew Lock: Web Applications in .NET6 - Episode 198

Andrew Lock is a senior software engineer at Datadog, working out of Devon, in the UK. He is a Microsoft MVP, Author of ASP.NET Core in Action, and has an active blog all about his experience working ...

20 Kesä 202234min

Nick Orlowsky: Deciding to Major in Computer Science - Episode 197

Nick Orlowsky: Deciding to Major in Computer Science - Episode 197

Nick is a rising Sophomore college student at The University of Texas in Austin, TX. He's majoring in computer science and knew from a much earlier age that programming would be his career calling. He...

13 Kesä 202229min

Aaron Palermo: Zero Trust Networking - Episode 196

Aaron Palermo: Zero Trust Networking - Episode 196

Aaron is a DevOps engineer, solution architect, and all-around cybersecurity expert. He works for a global cybersecurity services company, is a member of the Cloud Security Alliance, and is a co-autho...

6 Kesä 202233min

Philippe Kruchten: Controlling Your Architecture - Episode 195

Philippe Kruchten: Controlling Your Architecture - Episode 195

Philippe Kruchten has over 35 years of software development experience. Now retired, his experience focused mostly on large technical systems such as telecommunication, defense, aerospace, and softwar...

30 Touko 202232min

Suosittua kategoriassa Politiikka ja uutiset

aikalisa
tervo-halme
rss-ootsa-kuullut-tasta
ootsa-kuullut-tasta-2
politiikan-puskaradio
viisupodi
rss-vaalirankkurit-podcast
rss-podme-livebox
et-sa-noin-voi-sanoo-esittaa
otetaan-yhdet
linda-maria
io-techin-tekniikkapodcast
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
rikosmyytit
rss-polikulaari-humanisti-vastaa-ja-muut-ts-podcastit
viela-yksi-sivu
rss-uusi-juttu
rss-aika-ankkuri
rss-kaikki-uusiksi
rss-merja-mahkan-rahat