Christian Wenz: ASP .NET Core Security - Episode 233
Azure & DevOps Podcast20 Helmi 2023

Christian Wenz: ASP .NET Core Security - Episode 233

Christian Wenz works as a consultant, trainer, and author with a focus on web technologies and is the author or co-author of over 100 computer books. He regularly contributes to various IT magazines and speaks at conferences around the globe. Christian holds a "Diplom" (the German equivalent of a master's degree) in Computer Sciences, and one in Business Informatics. In his day job, he is one of the founders of the web agency Arrabiata Solutions (http://www.arrabiata.com/) with offices in Munich, Germany, and in London, UK. He also frequently works with development teams to make their applications better performing, more secure, and more reliable.

Topics of Discussion:

[2:51] Has Christian really written over 100 computer books? Christian talks about the books and the high points of technology that he has worked in.

[7:16] What is the OWASP (Open Web Application Security Project) Top 10 list?

[10:33] You always have to be aware that something may go wrong, and have a security mindset.

[12:05] Again and again, make sure that you understand the fundamentals of web app security, because eventually, you will make a mistake in your code.

[12:30] What is insecure design?

[13:43] Christian talks about the enumeration scheme CWE: common weakness enumeration, which basically assigns a number to each risk or attack.

[17:00] How should people be logging into their web sessions now with .NET7?

[18:31] The major mistake you can make these days is to write your own authentication mechanism.

[23:57] What is Christian's favorite mechanism today for securing HTTP web services?

[31:05] What are some of the tools Christian always reaches for, and how do we differentiate between static auditing and dynamically auditing an application?

Mentioned in this Episode:

Clear Measure Way

Architect Forum

Software Engineer Forum

Programming with Palermo — New Video Podcast! Email us programming@palermo.network

Clear Measure, Inc. (Sponsor)

.NET DevOps for Azure: A Developer's Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!

Jeffrey Palermo's Twitter — Follow to stay informed about future events!

Architect Tips — Video podcast!

Azure DevOps

Christian Microsoft Profile

ASP.NET Core Security

Christian's Books on Amazon

OWASP

Identity Server

Dependabot

Security Code Scan

Configuring Code Scanning for a Repository

Want to Learn More?

Visit AzureDevOps.Show for show notes and additional episodes.

Jaksot(386)

Bob Ward on SQL Edge to Cloud - Episode 162

Bob Ward on SQL Edge to Cloud - Episode 162

This week, Jeffrey is joined by Bob Ward, a Principal Architect for the Microsoft Azure Data team. Bob has worked for Microsoft for 27+ years on every version of SQL Server shipped from OS/2 1.1 to SQ...

11 Loka 202139min

CyberSecurity Awareness Month with Troy Vinson - Episode 161

CyberSecurity Awareness Month with Troy Vinson - Episode 161

This week, Jeffrey is joined by Troy Vinson; a Principal Software Architect at Clear Measure as a CISSP (Certified Information System Security Professional.) He is an experienced leader, architect, an...

4 Loka 202134min

Azure SQL Database with Anna Hoffman - Episode 160

Azure SQL Database with Anna Hoffman - Episode 160

Today, Jeffrey is joined by Anna Hoffman; a Data & Applied Scientist and Program Manager on Microsoft's SQL Engineering team. Anna is also the host of the popular Azure SQL video show, Data Exposed, a...

28 Syys 202134min

Joe Guadagno on the Latest in Azure DevOps - Episode 159

Joe Guadagno on the Latest in Azure DevOps - Episode 159

This week, Jeffrey is joined by Joe Guadagno! Joe is a Director of Engineering at Rocket Mortgage, the nation's largest mortgage lender based in Detroit, Michigan. He has been writing software for ove...

20 Syys 202130min

Daniel Roth on Web Development with .NET 6 - Episode 158

Daniel Roth on Web Development with .NET 6 - Episode 158

Daniel Roth is a program manager on the ASP.NET team working on ASP.NET Core, Blazor, and other web features. He has previously worked on various parts of .NET, including System.Net, WCF, XAML, and AS...

13 Syys 202145min

Konstantin Dinev on Multi-Team DevOps - Episode 157

Konstantin Dinev on Multi-Team DevOps - Episode 157

In today's episode, Jeffrey is joined by Konstantin Dinev, the Director Of Product Development at Infragistics, Product Lead for Ignite UI, co-organizer of ISTA Conference, and the founder of Bellum G...

6 Syys 202137min

Rob Reynolds on Automation with Chocolatey - Episode 156

Rob Reynolds on Automation with Chocolatey - Episode 156

This week, Rob Reynolds, the founder and CEO of Chocolatey Software, is joining the podcast! Rob is a developer-turned-founder who has been involved with several highly successful open source projec...

30 Elo 202149min

Jason Beres on DevOps for Shipping Libraries - Episode 155

Jason Beres on DevOps for Shipping Libraries - Episode 155

This week on the podcast, Jeffrey is joined by none other than Jason Beres! Jason is the Sr. Vice President for Developer Tools at Infragistics; the world leader in user interface development tools an...

23 Elo 202140min

Suosittua kategoriassa Politiikka ja uutiset

aikalisa
tervo-halme
rss-ootsa-kuullut-tasta
ootsa-kuullut-tasta-2
politiikan-puskaradio
viisupodi
rss-vaalirankkurit-podcast
rss-podme-livebox
et-sa-noin-voi-sanoo-esittaa
otetaan-yhdet
linda-maria
io-techin-tekniikkapodcast
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
rikosmyytit
rss-polikulaari-humanisti-vastaa-ja-muut-ts-podcastit
viela-yksi-sivu
rss-uusi-juttu
rss-aika-ankkuri
rss-kaikki-uusiksi
rss-merja-mahkan-rahat