ASP.NET Core Security

Understand and stop the hacks you read about in the headlines! This practical guide includes secure code samples, built-in ASP.NET tools, and insider techniques to help your web applications stay safe and secure. In ASP.NET Core Security, you will learn how to:

Understand common attacks against web applications Implement attack countermeasures Use testing tools, helper libraries, and scanning tools to improve security Utilize built-in browser security features and activate them from ASP.NET Core applications Handle security APIs in .NET and ASP.NET Core Correctly manage passwords to minimize the damage done by a data leak Securely store application secrets so that they are not accessible to an attacker

ASP.NET Core Security delivers the skills and countermeasures you need to keep your ASP.NET apps secure from the most common web application attacks. It gives you an invaluable security mindset to help you anticipate risks and introduce practices like testing as regular security checkups. The examples focus on the unique needs of ASP.NET applications, and also offer universal security best practices essential for any professional web developer. about the technology Nine out of ten web applications have security vulnerabilities. Apps built with the Microsoft stack are no different. This book lays out everything you need to know to secure your ASP.NET web applications, including unique security APIs, browser interactions, and common threats. about the book ASP.NET Core Security is a practical and hands-on guide to securing web applications built with ASP.NET. Written by Christian Wenz, a 20-year veteran of web security, it reveals attacks that threaten your apps and introduces the built-in ASP.NET features you can use to defend against them. You'll start on the dark side, exploring the weapons used by hackers, such as cross-site scripting, session theft, and SQL injection. Each attack is illustrated with a use case plucked from the headlines, including rogue Firefox extensions and Adobe password thefts. And you'll really appreciate the detailed C# code samples that show you how exactly to prevent these attacks! You'll learn how to implement countermeasures, activate browser security features with ASP.NET, and securely store application secrets to keep them safe from attack.