Azure & DevOps Podcast20 Feb 2023

Christian Wenz: ASP .NET Core Security - Episode 233

Christian Wenz works as a consultant, trainer, and author with a focus on web technologies and is the author or co-author of over 100 computer books. He regularly contributes to various IT magazines and speaks at conferences around the globe. Christian holds a "Diplom" (the German equivalent of a master's degree) in Computer Sciences, and one in Business Informatics. In his day job, he is one of the founders of the web agency Arrabiata Solutions (http://www.arrabiata.com/) with offices in Munich, Germany, and in London, UK. He also frequently works with development teams to make their applications better performing, more secure, and more reliable.

Topics of Discussion:

[2:51] Has Christian really written over 100 computer books? Christian talks about the books and the high points of technology that he has worked in.

[7:16] What is the OWASP (Open Web Application Security Project) Top 10 list?

[10:33] You always have to be aware that something may go wrong, and have a security mindset.

[12:05] Again and again, make sure that you understand the fundamentals of web app security, because eventually, you will make a mistake in your code.

[12:30] What is insecure design?

[13:43] Christian talks about the enumeration scheme CWE: common weakness enumeration, which basically assigns a number to each risk or attack.

[17:00] How should people be logging into their web sessions now with .NET7?

[18:31] The major mistake you can make these days is to write your own authentication mechanism.

[23:57] What is Christian's favorite mechanism today for securing HTTP web services?

[31:05] What are some of the tools Christian always reaches for, and how do we differentiate between static auditing and dynamically auditing an application?

Mentioned in this Episode:

Clear Measure Way

Architect Forum

Software Engineer Forum

Programming with Palermo — New Video Podcast! Email us programming@palermo.network

Clear Measure, Inc. (Sponsor)

.NET DevOps for Azure: A Developer's Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!

Jeffrey Palermo's Twitter — Follow to stay informed about future events!

Architect Tips — Video podcast!

Azure DevOps

Christian Microsoft Profile

ASP.NET Core Security

Christian's Books on Amazon

Configuring Code Scanning for a Repository

Want to Learn More?

Visit AzureDevOps.Show for show notes and additional episodes.

Upptäck Premium

Prova 14 dagar kostnadsfritt

Skaffa Premium

Avsnitt(393)

Microsoft Ignite 2019 Recap with Various Guests - Episode 65

Just a few short weeks ago, Microsoft held its Ignite conference. Over 29k people filled the Orange County Convention Center in Orlando, FL. It was a very energy-filled week! And your host, Jeffrey Pa...

2 Dec 201932min

John Campbell on a DevOps Success Story - Episode 64

Joining Jeffrey Palermo on the show today is John Campbell, a Director of Process and Solutions Architect at Anaqua! John has been with Anaqua for just over 3 years but has been in the industry for mo...

25 Nov 201936min

Matt Mitchell on DevOps on the .NET Core Engineering Services Team - Episode 63

Matt Mitchell is the lead engineer of the .NET Core Engineering Services Team at Microsoft. Matt joined Microsoft in 2006 after two years as an intern from 2004-05. Right out of the gate he did all C+...

18 Nov 201941min

James Montemagno on the Xamarin Development Cycle - Episode 62

Joining Jeffrey Palermo today on the podcast is James Montemagno! James is quite prolific in the space and has tons of content out on the web! Currently, James is a Principal Program Manager for Clien...

11 Nov 201945min

Jeff Hollan on Azure Functions and Serverless - Episode 61

This week, Jeff Hollan is joining the podcast! Jeff is a Principal Program Manager on the Azure Functions team. He is always developing and shipping solutions on the latest and greatest tech, and is p...

4 Nov 201937min

Shayne Boyer on the Landscape of Containers and Cloud-Native - Episode 60

Today's guest on the podcast is Shayne Boyer, a Principal Cloud Advocate and .NET Lead at Microsoft! For the last 15 years, he has been developing Microsoft-based technology, mixing in a little Oracle...

28 Okt 201942min

Daniel Jacobson on DevOps for Desktop Applications - Episode 59

Today's guest is Daniel Jacobson, a Program Management Lead on the Visual Studio team focused on empowering Windows Developers. Daniel was one of the speakers at the .NET Conf 2019 and will also be at...

21 Okt 201937min

Glenn Condron on New Capabilities in .NET - Episode 58

This week on the podcast, Jeffrey is speaking with Glenn Condron! Glenn is the Program Management Lead of the App Platform team within the Developer Division at Microsoft, focusing on .NET. With .NE...

14 Okt 201942min

Allt en och samma app

Lyssna på dina favoritpoddar och ljudböcker på ett och samma ställe.

Noga utvalt innehåll

Njut av handplockade tips som passar din smak – utan ändlöst scrollande.

Fortsätt när du vill

Fortsätt lyssna där du slutade – även offline.

Premium

99 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill

Prova 14 dagar gratis

Premium

129 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill
Ett extra konto

Prova 14 dagar gratis

Populärt inom Politik & nyheter

Berättelserna och rösterna du älskar att lyssna på

Obegränsad lyssning på alla dina favoritpoddar och ljudböcker

Upptäck Premium