Azure & DevOps Podcast20 Feb 2023

Christian Wenz: ASP .NET Core Security - Episode 233

Christian Wenz works as a consultant, trainer, and author with a focus on web technologies and is the author or co-author of over 100 computer books. He regularly contributes to various IT magazines and speaks at conferences around the globe. Christian holds a "Diplom" (the German equivalent of a master's degree) in Computer Sciences, and one in Business Informatics. In his day job, he is one of the founders of the web agency Arrabiata Solutions (http://www.arrabiata.com/) with offices in Munich, Germany, and in London, UK. He also frequently works with development teams to make their applications better performing, more secure, and more reliable.

Topics of Discussion:

[2:51] Has Christian really written over 100 computer books? Christian talks about the books and the high points of technology that he has worked in.

[7:16] What is the OWASP (Open Web Application Security Project) Top 10 list?

[10:33] You always have to be aware that something may go wrong, and have a security mindset.

[12:05] Again and again, make sure that you understand the fundamentals of web app security, because eventually, you will make a mistake in your code.

[12:30] What is insecure design?

[13:43] Christian talks about the enumeration scheme CWE: common weakness enumeration, which basically assigns a number to each risk or attack.

[17:00] How should people be logging into their web sessions now with .NET7?

[18:31] The major mistake you can make these days is to write your own authentication mechanism.

[23:57] What is Christian's favorite mechanism today for securing HTTP web services?

[31:05] What are some of the tools Christian always reaches for, and how do we differentiate between static auditing and dynamically auditing an application?

Mentioned in this Episode:

Clear Measure Way

Architect Forum

Software Engineer Forum

Programming with Palermo — New Video Podcast! Email us programming@palermo.network

Clear Measure, Inc. (Sponsor)

.NET DevOps for Azure: A Developer's Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!

Jeffrey Palermo's Twitter — Follow to stay informed about future events!

Architect Tips — Video podcast!

Azure DevOps

Christian Microsoft Profile

ASP.NET Core Security

Christian's Books on Amazon

Configuring Code Scanning for a Repository

Want to Learn More?

Visit AzureDevOps.Show for show notes and additional episodes.

Upptäck Premium

Prova 14 dagar kostnadsfritt

Skaffa Premium

Avsnitt(387)

James Avery on Scaling to 3 Billion Requests Per Day - Episode 51

James Avery is the founder and CEO of Adzerk. Adzerk is the next generation of publisher ad serving. It's built to be faster, easier to use, and comprehensive than anything on the market today. Adzerk...

26 Aug 201937min

Richard Lander on .NET Core Runtime - Episode 50

Today's guest, Richard Lander, is a Principal Program Manager on the .NET Core Team at Microsoft. He's been with Microsoft for a total of 19 years, 16 of which have been with the .NET team. Richard is...

19 Aug 201955min

Mads Torgersen on the Latest in C# - Episode 49

Today's guest is Mads Torgerson, the lead designer and program manager of the C# programming language. He has been with Microsoft for 14 years. And prior to that, Mads was a professor and also contrib...

12 Aug 201941min

Steve Smith on DevOps Quality - Episode 48

This week's guest is Steve Smith! Steve is an entrepreneur and software developer with a passion for building quality software as effectively as possible. He is the founder of Ardalis Services and Tec...

5 Aug 201938min

Daniel Roth on Blazor DevOps - Episode 47

Today's guest is Daniel Roth, a Program Manager on the ASP.NET team at Microsoft. He works on building frameworks for web developers, including ASP.NET Core and Blazor. He has previously worked on var...

29 Juli 201943min

Kendra Little on Database DevOps - Episode 46

Today's guest on this week's Azure DevOps Podcast is Kendra Little, a DevOps Advocate for Redgate Software and a Microsoft Certified Master in SQL Server. She has trained IT leaders, developers, and d...

22 Juli 201941min

Richard Campbell on Software Perspectives - Episode 45

Today's guest is Richard Campbell! Richard's career has spanned the computing industry — both on the hardware and the software side; development and operations. He was a co-founder of Strangeloop Netw...

15 Juli 201942min

Matthew Renze on Data Science for Developers - Episode 44

Jeffrey's guest today is Matthew Renze. Matthew is a Data Science Consultant, author, and public speaker. Over the past two decades, Matthew has taught over 200,000 developers and IT professionals how...

8 Juli 201938min

Allt en och samma app

Lyssna på dina favoritpoddar och ljudböcker på ett och samma ställe.

Noga utvalt innehåll

Njut av handplockade tips som passar din smak – utan ändlöst scrollande.

Fortsätt när du vill

Fortsätt lyssna där du slutade – även offline.

Premium

99 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill

Prova 14 dagar gratis

Premium

129 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill
Ett extra konto

Prova 14 dagar gratis

Populärt inom Politik & nyheter

Berättelserna och rösterna du älskar att lyssna på

Obegränsad lyssning på alla dina favoritpoddar och ljudböcker

Upptäck Premium