Overview
Explore how ASP.NET Core addresses the OWASP Top 10 security issues in this comprehensive conference talk from NDC Security 2022. Dive into the flexible and extensible security toolkit offered by Microsoft's reworked web platform, including the updated authentication system in ASP.NET Core 2.0. Learn about injection prevention, broken authentication mitigation, sensitive data protection, XML external entities handling, access control implementation, security configuration best practices, cross-site scripting (XSS) prevention, secure deserialization techniques, managing components with known vulnerabilities, and implementing sufficient logging and monitoring. Gain insights on cross-site request forgery (CSRF) protection and receive a concise summary of ASP.NET Core security features to enhance your web application's security posture.
Syllabus
Intro
Injection
Broken Authentication
Sensitive Data Exposure
XML External Entities
Broken Access Control
Requirement
Security Misconfiguration
Cross Site Scripting (XSS) Rating
Insecure Deserialization
Using Components with Known Vulnerabilities
Insufficient Logging and Monitoring
Bonus. Cross-Site Request Forgery (CSRF)
Remember to...
ASP.NET Core Security Summary
Taught by
NDC Conferences