Azure & DevOps Podcast20 Feb 2023

Christian Wenz: ASP .NET Core Security - Episode 233

Christian Wenz works as a consultant, trainer, and author with a focus on web technologies and is the author or co-author of over 100 computer books. He regularly contributes to various IT magazines and speaks at conferences around the globe. Christian holds a "Diplom" (the German equivalent of a master's degree) in Computer Sciences, and one in Business Informatics. In his day job, he is one of the founders of the web agency Arrabiata Solutions (http://www.arrabiata.com/) with offices in Munich, Germany, and in London, UK. He also frequently works with development teams to make their applications better performing, more secure, and more reliable.

Topics of Discussion:

[2:51] Has Christian really written over 100 computer books? Christian talks about the books and the high points of technology that he has worked in.

[7:16] What is the OWASP (Open Web Application Security Project) Top 10 list?

[10:33] You always have to be aware that something may go wrong, and have a security mindset.

[12:05] Again and again, make sure that you understand the fundamentals of web app security, because eventually, you will make a mistake in your code.

[12:30] What is insecure design?

[13:43] Christian talks about the enumeration scheme CWE: common weakness enumeration, which basically assigns a number to each risk or attack.

[17:00] How should people be logging into their web sessions now with .NET7?

[18:31] The major mistake you can make these days is to write your own authentication mechanism.

[23:57] What is Christian's favorite mechanism today for securing HTTP web services?

[31:05] What are some of the tools Christian always reaches for, and how do we differentiate between static auditing and dynamically auditing an application?

Mentioned in this Episode:

Clear Measure Way

Architect Forum

Software Engineer Forum

Programming with Palermo — New Video Podcast! Email us programming@palermo.network

Clear Measure, Inc. (Sponsor)

.NET DevOps for Azure: A Developer's Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!

Jeffrey Palermo's Twitter — Follow to stay informed about future events!

Architect Tips — Video podcast!

Azure DevOps

Christian Microsoft Profile

ASP.NET Core Security

Christian's Books on Amazon

Configuring Code Scanning for a Repository

Want to Learn More?

Visit AzureDevOps.Show for show notes and additional episodes.

Upptäck Premium

Prova 14 dagar kostnadsfritt

Skaffa Premium

Avsnitt(393)

Matt Gordon: Database DevOps - Episode 313

Matt is a Microsoft Data Platform MVP and has worked with SQL Server since 2000. He is the leader of the Lexington, KY Data Technology Group and a frequent domestic and international community speaker...

2 Sep 202440min

Henry Quillin: What it's Like as a Computer Science Student - Episode 312

Henry Quillin is a student in the Canfield computer science and business honors program (CSB) at UT Austin and a software engineer intern at Bank of America. He likes building things. He is interested...

26 Aug 202437min

David Starr: Azure Cloud Marketplaces - Episode 311

David Starr is a Principal Solutions Architect at Microsoft, focusing on Azure and cloud marketplaces. With over 20 years of experience, he has led software development initiatives, held architectural...

19 Aug 202439min

Brian Randell: GitHub and DevOps - Episode 310

Brian A. Randell is a Staff Developer Advocate at GitHub where he works to help tell the good word about GitHub and how it can help you deliver solutions faster and more securely. For more than 30 yea...

12 Aug 202450min

Jason Haley: Azure Services For Artificial Intelligence - Episode 309

Jason Haley is a Full Stack Solution Architect at Jason Haley Consulting, LLC, where he provides custom Azure and .NET application development solutions for a variety of clients. With over 20 years of...

5 Aug 202437min

Gene Kim: Wiring a Winning Software Organization - Episode 308

Gene Kim has been studying high-performing technology organizations since 1999. He was the founder and CTO of Tripwire, Inc. for 13 years, running an enterprise security software company. As an author...

29 Juli 202447min

Craig Loewen: Windows Subsystem for Linux - Episode 307

Craig Loewen has had a love for technology ever since he was a child and has grown passionate about building things that empower people. From constructing his own quadcopter for photography to deliver...

22 Juli 202435min

Damian Brady: GitHub Copilot - Episode 306

Damian Brady is a Staff Developer Advocate at GitHub. He's a developer, speaker, and author specializing in DevOps, MLOps, developer process, and software architecture. Formerly a Cloud Advocate at Mi...

15 Juli 202444min

Allt en och samma app

Lyssna på dina favoritpoddar och ljudböcker på ett och samma ställe.

Noga utvalt innehåll

Njut av handplockade tips som passar din smak – utan ändlöst scrollande.

Fortsätt när du vill

Fortsätt lyssna där du slutade – även offline.

Premium

99 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill

Prova 14 dagar gratis

Premium

129 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill
Ett extra konto

Prova 14 dagar gratis

Populärt inom Politik & nyheter

Berättelserna och rösterna du älskar att lyssna på

Obegränsad lyssning på alla dina favoritpoddar och ljudböcker

Upptäck Premium