Christian Wenz: ASP.NET Core Security - Episode 233

Christian Wenz works as a consultant, trainer, and author with a focus on web technologies and is the author or co-author of over 100 computer books. He regularly contributes to various IT magazines and speaks at conferences around the globe. Christian holds a "Diplom" (the German equivalent of a master's degree) in Computer Sciences, and one in Business Informatics. In his day job, he is one of the founders of the web agency Arrabiata Solutions (http://www.arrabiata.com/) with offices in Munich, Germany, and in London, UK. He also frequently works with development teams to make their applications better performing, more secure, and more reliable.

Topics of Discussion:

[2:51] Has Christian really written over 100 computer books? Christian talks about the books and the high points of technology that he has worked in.

[7:16] What is the OWASP (Open Web Application Security Project) Top 10 list?

[10:33] You always have to be aware that something may go wrong, and have a security mindset.

[12:05] Again and again, make sure that you understand the fundamentals of web app security, because eventually, you will make a mistake in your code.

[12:30] What is insecure design?

[13:43] Christian talks about the enumeration scheme CWE (Common Weakness Enumeration), which basically assigns a number to each risk or attack.

[17:00] How should people be logging into their web sessions now with .NET 7?

[18:31] The major mistake you can make these days is to write your own authentication mechanism.

[23:57] What is Christian's favorite mechanism today for securing HTTP web services?

[31:05] What are some of the tools Christian always reaches for, and how do we differentiate between statically auditing and dynamically auditing an application?

Mentioned in this Episode:

Clear Measure Way

Architect Forum

Software Engineer Forum

Programming with Palermo — New Video Podcast! Email us programming@palermo.network

Clear Measure, Inc. (Sponsor)

.NET DevOps for Azure: A Developer's Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!

Jeffrey Palermo's Twitter — Follow to stay informed about future events!

Architect Tips — Video podcast!

Azure DevOps

Christian Microsoft Profile

ASP.NET Core Security

Christian's Books on Amazon

OWASP

Identity Server

Dependabot

Security Code Scan

Configuring Code Scanning for a Repository

Want to Learn More?

Visit AzureDevOps.Show for show notes and additional episodes.
