Christian Wenz: ASP .NET Core Security - Episode 233
Azure & DevOps Podcast20 Feb 2023

Christian Wenz: ASP .NET Core Security - Episode 233

Christian Wenz works as a consultant, trainer, and author with a focus on web technologies and is the author or co-author of over 100 computer books. He regularly contributes to various IT magazines and speaks at conferences around the globe. Christian holds a "Diplom" (the German equivalent of a master's degree) in Computer Sciences, and one in Business Informatics. In his day job, he is one of the founders of the web agency Arrabiata Solutions (http://www.arrabiata.com/) with offices in Munich, Germany, and in London, UK. He also frequently works with development teams to make their applications better performing, more secure, and more reliable.

Topics of Discussion:

[2:51] Has Christian really written over 100 computer books? Christian talks about the books and the high points of technology that he has worked in.

[7:16] What is the OWASP (Open Web Application Security Project) Top 10 list?

[10:33] You always have to be aware that something may go wrong, and have a security mindset.

[12:05] Again and again, make sure that you understand the fundamentals of web app security, because eventually, you will make a mistake in your code.

[12:30] What is insecure design?

[13:43] Christian talks about the enumeration scheme CWE: common weakness enumeration, which basically assigns a number to each risk or attack.

[17:00] How should people be logging into their web sessions now with .NET7?

[18:31] The major mistake you can make these days is to write your own authentication mechanism.

[23:57] What is Christian's favorite mechanism today for securing HTTP web services?

[31:05] What are some of the tools Christian always reaches for, and how do we differentiate between static auditing and dynamically auditing an application?

Mentioned in this Episode:

Clear Measure Way

Architect Forum

Software Engineer Forum

Programming with Palermo — New Video Podcast! Email us programming@palermo.network

Clear Measure, Inc. (Sponsor)

.NET DevOps for Azure: A Developer's Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!

Jeffrey Palermo's Twitter — Follow to stay informed about future events!

Architect Tips — Video podcast!

Azure DevOps

Christian Microsoft Profile

ASP.NET Core Security

Christian's Books on Amazon

OWASP

Identity Server

Dependabot

Security Code Scan

Configuring Code Scanning for a Repository

Want to Learn More?

Visit AzureDevOps.Show for show notes and additional episodes.

Episoder(386)

Greg Leonardo: Responsible AI - Episode 250

Greg Leonardo: Responsible AI - Episode 250

Greg is a Cloud Architect that assists organizations with cloud adoption and innovation and is currently a Public Cloud Architect at AT&T. He has been working in the IT industry since his time in the ...

19 Jun 202338min

Matthew Renze: AI Ethics - Episode 249

Matthew Renze: AI Ethics - Episode 249

Matthew Renze is a data science consultant, author, and public speaker. He is the founder of Renze Consulting, an AI consulting company that has trained over 500,000 software developers and IT profess...

12 Jun 202352min

Sagar Lad: Data DevOps and Security - Episode 248

Sagar Lad: Data DevOps and Security - Episode 248

Sagar Lad is a Technical Solution Architect with a leading multinational software company and has deep expertise in implementing Data & Analytics solutions for large enterprises using Cloud and Artifi...

5 Jun 202334min

René Schumacher: The DevOps Mindset - Episode 247

René Schumacher: The DevOps Mindset - Episode 247

René is a Principal Cloud Solution Architect - Engineering (CSA-E) and technical lead for Azure DevOps and software development processes at Microsoft in Germany. In his role as CE, he helps customers...

29 Mai 202337min

Toi Wright: Blazor WebAssembly - Episode 246

Toi Wright: Blazor WebAssembly - Episode 246

Toi B. Wright is an independent consultant who has been working as a software developer for over 25 years. She has a BS in Computer Science and Engineering from the Massachusetts Institute of Technolo...

22 Mai 202331min

Ryan Booz- Modern Databases - Episode 245

Ryan Booz- Modern Databases - Episode 245

Ryan is an Advocate at Redgate focusing on PostgreSQL. Ryan has been working as a PostgreSQL advocate, developer, DBA, and product manager for more than 20 years, primarily working with time-series da...

15 Mai 202332min

Maddy Montaquila: MAUI applications in .NET 7 - Episode 244

Maddy Montaquila: MAUI applications in .NET 7 - Episode 244

Maddy Montaquila is a Senior Product Manager on the .NET MAUI team and has been working with .NET mobile apps since 2018 working on Xamarin tooling. When she first joined Microsoft and worked with the...

8 Mai 202338min

Andy Roberts: Data in a Development World - Episode 243

Andy Roberts: Data in a Development World - Episode 243

Andy is a Data Platform and AI Architect at Microsoft, where he has worked for over 24 years. A long time ago, his father dropped two books on his desk and said: "Andy, I need you to be an SQL Expert ...

1 Mai 202336min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
aftenpodden-usa
forklart
stopp-verden
popradet
det-store-bildet
fotballpodden-2
dine-penger-pengeradet
rss-gukild-johaug
bt-dokumentar-2
nokon-ma-ga
lydartikler-fra-aftenposten
aftenbla-bla
hanna-de-heldige
rss-dannet-uten-piano
e24-podden
frokostshowet-pa-p5
rss-ness
rss-penger-polser-og-politikk