Azure & DevOps Podcast20 Helmi 2023

Christian Wenz: ASP .NET Core Security - Episode 233

Christian Wenz works as a consultant, trainer, and author with a focus on web technologies and is the author or co-author of over 100 computer books. He regularly contributes to various IT magazines and speaks at conferences around the globe. Christian holds a "Diplom" (the German equivalent of a master's degree) in Computer Sciences, and one in Business Informatics. In his day job, he is one of the founders of the web agency Arrabiata Solutions (http://www.arrabiata.com/) with offices in Munich, Germany, and in London, UK. He also frequently works with development teams to make their applications better performing, more secure, and more reliable.

Topics of Discussion:

[2:51] Has Christian really written over 100 computer books? Christian talks about the books and the high points of technology that he has worked in.

[7:16] What is the OWASP (Open Web Application Security Project) Top 10 list?

[10:33] You always have to be aware that something may go wrong, and have a security mindset.

[12:05] Again and again, make sure that you understand the fundamentals of web app security, because eventually, you will make a mistake in your code.

[12:30] What is insecure design?

[13:43] Christian talks about the enumeration scheme CWE: common weakness enumeration, which basically assigns a number to each risk or attack.

[17:00] How should people be logging into their web sessions now with .NET7?

[18:31] The major mistake you can make these days is to write your own authentication mechanism.

[23:57] What is Christian's favorite mechanism today for securing HTTP web services?

[31:05] What are some of the tools Christian always reaches for, and how do we differentiate between static auditing and dynamically auditing an application?

Mentioned in this Episode:

Clear Measure Way

Architect Forum

Software Engineer Forum

Programming with Palermo — New Video Podcast! Email us programming@palermo.network

Clear Measure, Inc. (Sponsor)

.NET DevOps for Azure: A Developer's Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!

Jeffrey Palermo's Twitter — Follow to stay informed about future events!

Architect Tips — Video podcast!

Azure DevOps

Christian Microsoft Profile

ASP.NET Core Security

Christian's Books on Amazon

Configuring Code Scanning for a Repository

Want to Learn More?

Visit AzureDevOps.Show for show notes and additional episodes.

Kokeile Premiumia

Nauti 14 päivää ilmaiseksi

Tilaa Premium

Jaksot(386)

Adam Tornhill: Your Code as a Crime Scene - Episode 194

Adam Tornhill is a programmer who combines degrees in engineering and psychology. He's the founder of CodeScene where he designs tools for software analysis. He's also the author of Software Design X-...

23 Touko 202233min

Rod Paddock: Application Longevity for Dummies - Episode 193

Rod Paddock is the CTO of Dash Point Software, Inc. and the Editor in Chief of CODE Magazine! In 2001, Rod founded Dash Point Software, Inc. to develop high-quality custom software solutions. With ove...

16 Touko 202241min

Udi Dahan: Distributed Computing - Episode 192

Udi Dahan is one of the world's foremost experts on Service-Oriented Architecture and Domain-Driven Design and is also the creator of NServiceBus; the most popular service bus for .NET. Udi joined us ...

9 Touko 202239min

Scott Wlaschin: Domain Modeling Made Functional - Episode 191

Scott Wlaschin is an expert on F#, author of the popular F# site fsharpforfunandprofit.com, and a board member of the F# Software Foundation. Known for his non-academic approach to functional programm...

2 Touko 202235min

Heather Downing: Retooling for the Future - Episode 190

Heather is a passionate coder and entrepreneur. She has experience working with Fortune 500 companies building enterprise-level voice, mobile, and C#/.Net applications. She focuses on external thought...

25 Huhti 202236min

Mark Seemann: Code That Fits In Your Head - Episode 189

Mark Seemann is a Danish software developer based in Copenhagen, Denmark. His professional interests include functional programming, object-oriented development, as well as software development in gen...

18 Huhti 202243min

Derek Comartin: A Software Architect's Mindset - Episode 188

Derek Comartin is a software developer with two decades of professional software development experience. He has written software for a variety of business domains, such as distribution, transportation...

11 Huhti 202244min

Daniel Markham: How to Share What You Know - Episode 187

Daniel is a semioticist logician (otherwise known as a programmer). He likes to help people learn to make better tech. He believes that once you know the "why," you can figure out the "what" on your o...

4 Huhti 202242min

Kaikki yhdessä sovelluksessa

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi yhdessä paikassa.

Sinulle valikoitua sisältöä

Podme-sovelluksessa kokoat suosikkisi helposti omaan kirjastoosi. Saat meiltä myös kuuntelusuosituksia!

Jatka kuuntelua koska tahansa

Voit jatkaa siitä mihin jäit, myös offline-tilassa.

Premium

9,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa

Aloita 14 päivän kokeilu

Premium

13,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa
Yksi lisäkäyttäjä

Kokeile 14 päivää maksutta

Suosittua kategoriassa Politiikka ja uutiset

rss-tasta-on-kyse-ivan-puopolo-verkkouutiset

rss-polikulaari-humanisti-vastaa-ja-muut-ts-podcastit

Tarinat ja äänet, joita rakastat kuunnella

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi

Lue lisää