YoVDO

ASP.NET: Security

Offered By: LinkedIn Learning

Tags

Web Security Courses, Cross-Site Scripting (XSS) Courses, SQL Injection Courses, Cross-Site Request Forgery (CSRF) Courses, Azure Key Vault Courses, Password Hashing Courses, OWASP Top 10 Courses

Course Description

Overview

Learn about common vulnerabilities in ASP.NET web applications and practical security solutions to mitigate the risks.

Syllabus

Introduction
  • Unhackable ASP.NET applications
  • Security is important!
  • What you should know
  • Sample application introduction
  • Sample application tour
1. Mitigating Common Attacks
  • OWASP Top 10
  • Cross-site scripting (XSS): The attack
  • Cross-site scripting (XSS): The defense
  • Cross-site scripting (XSS) in JavaScript
  • Same-origin policy and CORS
  • Enabling CORS in ASP.NET Web API
  • SQL injection with ADO.NET
  • SQL injection with Entity Framework
  • Fixing SQL injection
  • Cross-Site Request Forgery (CSRF)
  • Defending against CSRF
2. Storing Data
  • Storing secrets in Web.config
  • Externalizing Web.config settings
  • Encrypting Web.config
  • Azure Key Vault
  • Managing the Key Vault with Azure Shell
  • Password hashing
  • Adding password hashing to the app
3. Starting with IdentityServer
  • On IdentityServer
  • Configuring IdentityServer
  • Authenticating against IdentityServer
  • Authenticating in the app
  • Authorizing against IdentityServer
  • Authorizing in the app
4. Secure Configuration
  • Introduction
  • Securing cookies
  • Securing sessions
  • Setting cookie attributes in the app
  • Enforcing HTTPS
  • Error handling
  • Hiding server information
  • Hiding more server information
  • Security HTTP headers
Conclusion
  • Next steps

Taught by

Christian Wenz

Related Courses

  • Advanced PHP (LinkedIn Learning)
  • Laravel 5.6 New Features (LinkedIn Learning)
  • Node: Authentication (LinkedIn Learning)
  • Node.js: Securing RESTful APIs (LinkedIn Learning)
  • PHP Tips, Tricks, and Techniques (LinkedIn Learning)