Azure & DevOps Podcast20 Helmi 2023

Christian Wenz: ASP .NET Core Security - Episode 233

Christian Wenz works as a consultant, trainer, and author with a focus on web technologies and is the author or co-author of over 100 computer books. He regularly contributes to various IT magazines and speaks at conferences around the globe. Christian holds a "Diplom" (the German equivalent of a master's degree) in Computer Sciences, and one in Business Informatics. In his day job, he is one of the founders of the web agency Arrabiata Solutions (http://www.arrabiata.com/) with offices in Munich, Germany, and in London, UK. He also frequently works with development teams to make their applications better performing, more secure, and more reliable.

Topics of Discussion:

[2:51] Has Christian really written over 100 computer books? Christian talks about the books and the high points of technology that he has worked in.

[7:16] What is the OWASP (Open Web Application Security Project) Top 10 list?

[10:33] You always have to be aware that something may go wrong, and have a security mindset.

[12:05] Again and again, make sure that you understand the fundamentals of web app security, because eventually, you will make a mistake in your code.

[12:30] What is insecure design?

[13:43] Christian talks about the enumeration scheme CWE: common weakness enumeration, which basically assigns a number to each risk or attack.

[17:00] How should people be logging into their web sessions now with .NET7?

[18:31] The major mistake you can make these days is to write your own authentication mechanism.

[23:57] What is Christian's favorite mechanism today for securing HTTP web services?

[31:05] What are some of the tools Christian always reaches for, and how do we differentiate between static auditing and dynamically auditing an application?

Mentioned in this Episode:

Clear Measure Way

Architect Forum

Software Engineer Forum

Programming with Palermo — New Video Podcast! Email us programming@palermo.network

Clear Measure, Inc. (Sponsor)

.NET DevOps for Azure: A Developer's Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!

Jeffrey Palermo's Twitter — Follow to stay informed about future events!

Architect Tips — Video podcast!

Azure DevOps

Christian Microsoft Profile

ASP.NET Core Security

Christian's Books on Amazon

Configuring Code Scanning for a Repository

Want to Learn More?

Visit AzureDevOps.Show for show notes and additional episodes.

Kokeile Premiumia

Nauti 14 päivää ilmaiseksi

Tilaa Premium

Jaksot(386)

Charlie Kindel on Terminal.Gui - Episode 146

This week, Jeffrey is joined by Charlie Kindel! Charlie is an American tech executive doing consulting and advising. Formerly, he has held roles with Control4, Amazon, and Microsoft. Much of his caree...

21 Kesä 202134min

Data DevOps with the SQL Team - Episode 145

This week on the show, Jeffrey Palermo is joined by two special guests, Arvind Shyamsundar and Drew Skwiers-Koballa! Arvind Shyamsundar is a Principal Program Manager on the Azure SQL DB Product Man...

14 Kesä 202133min

Real-World DevOps on the MAUI Team - Episode 144

On today's episode of the podcast, Jeffrey Palermo is joined by two special guests, Alex Blount and Sweekriti Satpathy. Alex is a Principal Software Engineer Manager on the Customer Engagement Team ...

7 Kesä 202141min

Microsoft Build Recap 2021 - Episode 143

Microsoft Build 2021 recently concluded (May 25th-27th), so in today's episode, Jeffrey Palermo is recapping all of the new and exciting announcements that dropped during the virtual conference — and ...

31 Touko 202124min

David Ortinau on Multi-Platform App Development Using .NET MAUI - Episode 142

In this episode, Jeffrey Palermo is speaking with David Ortinau. David is a Principal Program Manager for the .NET Client Apps team at Microsoft, whose team's primary focus is on Xamarin forms and .NE...

24 Touko 202139min

Jeremy Likness on Working with Data on .NET - Episode 141

This week, Jeffrey Palermo is joined by return guest, Jeremy Likness! Jeremy is an internationally selling author, keynote speaker, and professional coder with a personal mission to empower developers...

17 Touko 202140min

Customized Build Agents with Ahmed Ilyas - Episode 140

Today's guest today is Ahmed Ilyas. Ahmed is a previous Microsoft employee and Microsoft MVP who has a lot of passion and enthusiasm to share. He believes in providing best practices and solutions to ...

10 Touko 202132min

Davide Mauri on Azure SQL for Developers - Episode 139

This week on the podcast, Jeffrey is joined by Davide Mauri, a Program Manager in the Azure SQL Database product group at Microsoft. Davide has been working in the IT field since 1997 and was award...

3 Touko 202136min

Kaikki yhdessä sovelluksessa

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi yhdessä paikassa.

Sinulle valikoitua sisältöä

Podme-sovelluksessa kokoat suosikkisi helposti omaan kirjastoosi. Saat meiltä myös kuuntelusuosituksia!

Jatka kuuntelua koska tahansa

Voit jatkaa siitä mihin jäit, myös offline-tilassa.

Premium

9,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa

Aloita 14 päivän kokeilu

Premium

13,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa
Yksi lisäkäyttäjä

Kokeile 14 päivää maksutta

Suosittua kategoriassa Politiikka ja uutiset

rss-tasta-on-kyse-ivan-puopolo-verkkouutiset

rss-polikulaari-humanisti-vastaa-ja-muut-ts-podcastit

Tarinat ja äänet, joita rakastat kuunnella

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi

Lue lisää