Azure & DevOps Podcast20 Feb 2023

Christian Wenz: ASP .NET Core Security - Episode 233

Christian Wenz works as a consultant, trainer, and author with a focus on web technologies and is the author or co-author of over 100 computer books. He regularly contributes to various IT magazines and speaks at conferences around the globe. Christian holds a "Diplom" (the German equivalent of a master's degree) in Computer Sciences, and one in Business Informatics. In his day job, he is one of the founders of the web agency Arrabiata Solutions (http://www.arrabiata.com/) with offices in Munich, Germany, and in London, UK. He also frequently works with development teams to make their applications better performing, more secure, and more reliable.

Topics of Discussion:

[2:51] Has Christian really written over 100 computer books? Christian talks about the books and the high points of technology that he has worked in.

[7:16] What is the OWASP (Open Web Application Security Project) Top 10 list?

[10:33] You always have to be aware that something may go wrong, and have a security mindset.

[12:05] Again and again, make sure that you understand the fundamentals of web app security, because eventually, you will make a mistake in your code.

[12:30] What is insecure design?

[13:43] Christian talks about the enumeration scheme CWE: common weakness enumeration, which basically assigns a number to each risk or attack.

[17:00] How should people be logging into their web sessions now with .NET7?

[18:31] The major mistake you can make these days is to write your own authentication mechanism.

[23:57] What is Christian's favorite mechanism today for securing HTTP web services?

[31:05] What are some of the tools Christian always reaches for, and how do we differentiate between static auditing and dynamically auditing an application?

Mentioned in this Episode:

Clear Measure Way

Architect Forum

Software Engineer Forum

Programming with Palermo — New Video Podcast! Email us programming@palermo.network

Clear Measure, Inc. (Sponsor)

.NET DevOps for Azure: A Developer's Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!

Jeffrey Palermo's Twitter — Follow to stay informed about future events!

Architect Tips — Video podcast!

Azure DevOps

Christian Microsoft Profile

ASP.NET Core Security

Christian's Books on Amazon

Configuring Code Scanning for a Repository

Want to Learn More?

Visit AzureDevOps.Show for show notes and additional episodes.

Upptäck Premium

Prova 14 dagar kostnadsfritt

Skaffa Premium

Avsnitt(386)

Shawn Wildermuth: Web Service APIs in .NET 7 - Episode 266

Shawn Wildermuth has been tinkering with computers and software since he got a VIC-20 back in the early '80s. He has been a Microsoft MVP, Pluralsight Author, and filmmaker. You can reach him at his b...

9 Okt 202343min

Jay Harris: Overcoming Tough Problems in Software Projects - Episode 265

Jay Harris is a speaker, software consultant, and owner of Arana Software. He has been developing on the web since 1995, when the Blink tag lured him away from Visual Basic 3, and has been awarded as ...

2 Okt 202341min

Jimmy Bogard: .NET 7 and Azure Modernization - Episode 264

Jimmy is the creator and maintainer of the popular OSS libraries AutoMapper and MediatR. Jimmy is an independent consultant based in Austin, TX. Jimmy has received the "Microsoft Most Valuable Profess...

25 Sep 202339min

J. Tower: Modernization Strangler Fig Pattern - Episode 263

Jonathan, or J. as he's known to friends, is a husband, a father, and the owner of Trailhead Technology Partners, a custom software consulting company with employees all around the world. He is also a...

18 Sep 202338min

Chris "Woody" Woodruff: Network Programming - Episode 262

Chris Woodruff, or as his friends call him, Woody, is a software developer and architect of over 25 years. Woody loves software engineering, especially allowing applications and services to communicat...

11 Sep 202342min

Jeremy Miller: Parallelism in Software - Episode 261

Jeremy Miller started his career as a "real" engineer but wandered into software because that looked like more fun. Since then, Jeremy has worked in and led software development teams in the computer ...

4 Sep 202336min

Nathaniel Schutta: Thinking Architecturally - Episode 260

Nathaniel Schutta (or Nate) is a software architect focused on cloud computing and building usable applications. A proponent of polyglot programming, Nate has written multiple books and appeared in va...

28 Aug 202359min

Bob Walker: Painless Operations - Episode 259

Bob started as a .NET Developer back in the early days of .NET 1.1 with the goal of converting ASP pages to ASP.NET web applications. During that time, his career progressed from .NET Developer to Lea...

21 Aug 202334min

Allt en och samma app

Lyssna på dina favoritpoddar och ljudböcker på ett och samma ställe.

Noga utvalt innehåll

Njut av handplockade tips som passar din smak – utan ändlöst scrollande.

Fortsätt när du vill

Fortsätt lyssna där du slutade – även offline.

Premium

99 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill

Prova 14 dagar gratis

Premium

129 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill
Ett extra konto

Prova 14 dagar gratis

Populärt inom Politik & nyheter

Berättelserna och rösterna du älskar att lyssna på

Obegränsad lyssning på alla dina favoritpoddar och ljudböcker

Upptäck Premium