Azure & DevOps Podcast20 Feb 2023

Christian Wenz: ASP .NET Core Security - Episode 233

Christian Wenz works as a consultant, trainer, and author with a focus on web technologies and is the author or co-author of over 100 computer books. He regularly contributes to various IT magazines and speaks at conferences around the globe. Christian holds a "Diplom" (the German equivalent of a master's degree) in Computer Sciences, and one in Business Informatics. In his day job, he is one of the founders of the web agency Arrabiata Solutions (http://www.arrabiata.com/) with offices in Munich, Germany, and in London, UK. He also frequently works with development teams to make their applications better performing, more secure, and more reliable.

Topics of Discussion:

[2:51] Has Christian really written over 100 computer books? Christian talks about the books and the high points of technology that he has worked in.

[7:16] What is the OWASP (Open Web Application Security Project) Top 10 list?

[10:33] You always have to be aware that something may go wrong, and have a security mindset.

[12:05] Again and again, make sure that you understand the fundamentals of web app security, because eventually, you will make a mistake in your code.

[12:30] What is insecure design?

[13:43] Christian talks about the enumeration scheme CWE: common weakness enumeration, which basically assigns a number to each risk or attack.

[17:00] How should people be logging into their web sessions now with .NET7?

[18:31] The major mistake you can make these days is to write your own authentication mechanism.

[23:57] What is Christian's favorite mechanism today for securing HTTP web services?

[31:05] What are some of the tools Christian always reaches for, and how do we differentiate between static auditing and dynamically auditing an application?

Mentioned in this Episode:

Clear Measure Way

Architect Forum

Software Engineer Forum

Programming with Palermo — New Video Podcast! Email us programming@palermo.network

Clear Measure, Inc. (Sponsor)

.NET DevOps for Azure: A Developer's Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!

Jeffrey Palermo's Twitter — Follow to stay informed about future events!

Architect Tips — Video podcast!

Azure DevOps

Christian Microsoft Profile

ASP.NET Core Security

Christian's Books on Amazon

Configuring Code Scanning for a Repository

Want to Learn More?

Visit AzureDevOps.Show for show notes and additional episodes.

Upptäck Premium

Prova 14 dagar kostnadsfritt

Skaffa Premium

Avsnitt(386)

Mark Fussell on Dapr 1.0 - Episode 130

Joining Jeffrey today is return guest, Mark Fussell! Mark works on the Azure Incubations Team and is the Product Manager for Dapr, the Distributed Application Runtime. He has been working at Microsoft...

1 Mars 202141min

Harini Kannan on React Native - Episode 129

Joining Jeffrey today is Harini Kannan! Harini is a Program Manager in the Windows Developer Experiences and Platform team — a fast-moving and exciting team at Microsoft! Her team's charter influences...

22 Feb 202136min

Simon Timms on Microservices Architecture — Episode 128

This week, Jeffrey is joined by return guest, Simon Timms, to discuss microservices architecture. Simon Timms is a long-time freelance Software Engineer, multi-time Microsoft MVP co-host of ASP.NET ...

15 Feb 202140min

Jeff Fritz on Blazor Webassembly Architecture - Episode 127

Jeff Fritz is joining the podcast today! This is his second guest appearance. He is an experienced developer, technical educator and PM on the .NET team at Microsoft. He founded The Live Coders team ...

8 Feb 202142min

James Avery on Optimizing the Engineering Team Structure - Episode 126

Joining the podcast once again is return guest, James Avery! James is the Founder and CEO of Kevel, previously known as Adzerk. Kevel is the next generation of publisher ad serving; offering the infra...

1 Feb 202136min

Architectures for 2021 and Beyond - Episode 125

In this episode, your host Jeffrey Palermo is sharing his top list of the architectures you should be paying attention to in 2021 and beyond. The software development world is changing at a faster r...

25 Jan 202139min

Charles Flatt on Learning as a Developer - Episode 124

Charles Flatt is joining the podcast today! He has been a software developer since 1994 and has helped over a dozen organizations succeed on over fifty projects, both small and large. Charles has an u...

18 Jan 202135min

Jérôme Laban on Multi-Platform DevOps - Episode 123

This week, Jeffrey is joined by Jérôme Laban, CTO of the open-source Uno Platform, and a 4x recipient of the Microsoft MVP award. The Uno Platform is a framework that aims to improve the development...

11 Jan 202137min

Allt en och samma app

Lyssna på dina favoritpoddar och ljudböcker på ett och samma ställe.

Noga utvalt innehåll

Njut av handplockade tips som passar din smak – utan ändlöst scrollande.

Fortsätt när du vill

Fortsätt lyssna där du slutade – även offline.

Premium

99 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill

Prova 14 dagar gratis

Premium

129 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill
Ett extra konto

Prova 14 dagar gratis

Populärt inom Politik & nyheter

Berättelserna och rösterna du älskar att lyssna på

Obegränsad lyssning på alla dina favoritpoddar och ljudböcker

Upptäck Premium