Christian Wenz: ASP .NET Core Security - Episode 233
Azure & DevOps Podcast20 Feb 2023

Christian Wenz: ASP .NET Core Security - Episode 233

Christian Wenz works as a consultant, trainer, and author with a focus on web technologies and is the author or co-author of over 100 computer books. He regularly contributes to various IT magazines and speaks at conferences around the globe. Christian holds a "Diplom" (the German equivalent of a master's degree) in Computer Sciences, and one in Business Informatics. In his day job, he is one of the founders of the web agency Arrabiata Solutions (http://www.arrabiata.com/) with offices in Munich, Germany, and in London, UK. He also frequently works with development teams to make their applications better performing, more secure, and more reliable.

Topics of Discussion:

[2:51] Has Christian really written over 100 computer books? Christian talks about the books and the high points of technology that he has worked in.

[7:16] What is the OWASP (Open Web Application Security Project) Top 10 list?

[10:33] You always have to be aware that something may go wrong, and have a security mindset.

[12:05] Again and again, make sure that you understand the fundamentals of web app security, because eventually, you will make a mistake in your code.

[12:30] What is insecure design?

[13:43] Christian talks about the enumeration scheme CWE: common weakness enumeration, which basically assigns a number to each risk or attack.

[17:00] How should people be logging into their web sessions now with .NET7?

[18:31] The major mistake you can make these days is to write your own authentication mechanism.

[23:57] What is Christian's favorite mechanism today for securing HTTP web services?

[31:05] What are some of the tools Christian always reaches for, and how do we differentiate between static auditing and dynamically auditing an application?

Mentioned in this Episode:

Clear Measure Way

Architect Forum

Software Engineer Forum

Programming with Palermo — New Video Podcast! Email us programming@palermo.network

Clear Measure, Inc. (Sponsor)

.NET DevOps for Azure: A Developer's Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!

Jeffrey Palermo's Twitter — Follow to stay informed about future events!

Architect Tips — Video podcast!

Azure DevOps

Christian Microsoft Profile

ASP.NET Core Security

Christian's Books on Amazon

OWASP

Identity Server

Dependabot

Security Code Scan

Configuring Code Scanning for a Repository

Want to Learn More?

Visit AzureDevOps.Show for show notes and additional episodes.

Episoder(393)

Andrew Lock: Containers in .NET 8 - Episode 281

Andrew Lock: Containers in .NET 8 - Episode 281

Andrew Lock is a senior software engineer at Datadog, working out of Devon, in the UK. He is a Microsoft MVP, Author of ASP.NET Core in Action, and has an active blog all about his experience working ...

22 Jan 202436min

Scott Hanselman: Semantic Kernel - Episode 280

Scott Hanselman: Semantic Kernel - Episode 280

Scott Hanselman is a teacher at heart. He speaks all over to whoever will listen. He's written code that you, dear listener, has used. Scott has been blogging, coding, and podcasting a LONG time. He c...

15 Jan 202431min

2024 Kickoff - Episode 279

2024 Kickoff - Episode 279

Welcome to 2024. It's going to be a great year in .NET, in Azure, and with DevOps. To kick things off, I wanted to review some of the big things you'll want to look at in 2024. To do that, I'm airing ...

8 Jan 202444min

Jeff Fritz: .NET Conf Recap - Episode 278

Jeff Fritz: .NET Conf Recap - Episode 278

Jeff Fritz is an experienced developer, technical educator, and PM on the .NET team at Microsoft. He founded The Live Coders team on Twitch, and regularly livestreams builds of websites and fun applic...

1 Jan 202435min

Carl Franklin: Why.NET Rocks - Episode 277

Carl Franklin: Why.NET Rocks - Episode 277

Carl Franklin is Executive Vice President of App vNext, a software development firm focused on modern methodologies and technologies. Carl is a 20+ year veteran of the software industry, co-host and f...

26 Des 202352min

Steve Smith: .NET 8 and Architecture - Episode 276

Steve Smith: .NET 8 and Architecture - Episode 276

Steve works with companies that want to avoid the trap of technical debt by helping their teams deliver quality software quickly. Steve and his team at NimblePros have been described by clients as a "...

18 Des 202343min

Clark Sell: Developer Education and Networking - Episode 275

Clark Sell: Developer Education and Networking - Episode 275

From humble beginnings as a mechanic who later became a software engineer/architect/now business owner and who has built software for some of the biggest companies on the planet, Clark's passionately ...

11 Des 202336min

Daniel Roth: Blazor with .NET 8 - Episode 274

Daniel Roth: Blazor with .NET 8 - Episode 274

Daniel Roth is a Principal Product Manager on the ASP.NET team working on ASP.NET Core, Blazor, and other web features. He has previously worked on various parts of .NET, including System.Net, WCF, XA...

4 Des 202344min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
aftenpodden-usa
forklart
i-retten
stopp-verden
popradet
lydartikler-fra-aftenposten
rss-gukild-johaug
nokon-ma-ga
fotballpodden-2
det-store-bildet
dine-penger-pengeradet
rss-ness
aftenbla-bla
hanna-de-heldige
frokostshowet-pa-p5
rss-dannet-uten-piano
rss-penger-polser-og-politikk
rss-utenrikskomiteen-med-bogen-og-grasvik