Sign up to save your podcasts
Or
Share Christian Wenz: ASP .NET Core Security - Episode 233
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Christian Wenz: ASP .NET Core Security - Episode 233
Christian Wenz works as a consultant, trainer, and author with a focus on web technologies and is the author or co-author of over 100 computer books. He regularly contributes to various IT magazines and speaks at conferences around the globe. Christian holds a "Diplom" (the German equivalent of a master’s degree) in Computer Sciences, and one in Business Informatics. In his day job, he is one of the founders of the web agency Arrabiata Solutions (http://www.arrabiata.com/) with offices in Munich, Germany, and in London, UK. He also frequently works with development teams to make their applications better performing, more secure, and more reliable.
Topics of Discussion:
[2:51] Has Christian really written over 100 computer books? Christian talks about the books and the high points of technology that he has worked in.
[7:16] What is the OWASP (Open Web Application Security Project) Top 10 list?
[10:33] You always have to be aware that something may go wrong, and have a security mindset.
[12:05] Again and again, make sure that you understand the fundamentals of web app security, because eventually, you will make a mistake in your code.
[12:30] What is insecure design?
[13:43] Christian talks about the enumeration scheme CWE: common weakness enumeration, which basically assigns a number to each risk or attack.
[17:00] How should people be logging into their web sessions now with .NET7?
[18:31] The major mistake you can make these days is to write your own authentication mechanism.
[23:57] What is Christian’s favorite mechanism today for securing HTTP web services?
[31:05] What are some of the tools Christian always reaches for, and how do we differentiate between static auditing and dynamically auditing an application?
Mentioned in this Episode:
Clear Measure Way
Architect Forum
Software Engineer Forum
Programming with Palermo — New Video Podcast! Email us [email protected]work
Clear Measure, Inc. (Sponsor)
.NET DevOps for Azure: A Developer’s Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!
Jeffrey Palermo’s Twitter — Follow to stay informed about future events!
Architect Tips — Video podcast!
Azure DevOps
Christian Microsoft Profile
ASP.NET Core Security
Christian’s Books on Amazon
OWASP
Identity Server
Dependabot
Security Code Scan
Configuring Code Scanning for a Repository
Want to Learn More?
Visit AzureDevOps.Show for show notes and additional episodes.
View all episodes
By Jeffrey Palermo
4.5
2020 ratings
Christian Wenz works as a consultant, trainer, and author with a focus on web technologies and is the author or co-author of over 100 computer books. He regularly contributes to various IT magazines and speaks at conferences around the globe. Christian holds a "Diplom" (the German equivalent of a master’s degree) in Computer Sciences, and one in Business Informatics. In his day job, he is one of the founders of the web agency Arrabiata Solutions (http://www.arrabiata.com/) with offices in Munich, Germany, and in London, UK. He also frequently works with development teams to make their applications better performing, more secure, and more reliable.
Topics of Discussion:
[2:51] Has Christian really written over 100 computer books? Christian talks about the books and the high points of technology that he has worked in.
[7:16] What is the OWASP (Open Web Application Security Project) Top 10 list?
[10:33] You always have to be aware that something may go wrong, and have a security mindset.
[12:05] Again and again, make sure that you understand the fundamentals of web app security, because eventually, you will make a mistake in your code.
[12:30] What is insecure design?
[13:43] Christian talks about the enumeration scheme CWE: common weakness enumeration, which basically assigns a number to each risk or attack.
[17:00] How should people be logging into their web sessions now with .NET7?
[18:31] The major mistake you can make these days is to write your own authentication mechanism.
[23:57] What is Christian’s favorite mechanism today for securing HTTP web services?
[31:05] What are some of the tools Christian always reaches for, and how do we differentiate between static auditing and dynamically auditing an application?
Mentioned in this Episode:
Clear Measure Way
Architect Forum
Software Engineer Forum
Programming with Palermo — New Video Podcast! Email us [email protected]work
Clear Measure, Inc. (Sponsor)
.NET DevOps for Azure: A Developer’s Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!
Jeffrey Palermo’s Twitter — Follow to stay informed about future events!
Architect Tips — Video podcast!
Azure DevOps
Christian Microsoft Profile
ASP.NET Core Security
Christian’s Books on Amazon
OWASP
Identity Server
Dependabot
Security Code Scan
Configuring Code Scanning for a Repository
Want to Learn More?
Visit AzureDevOps.Show for show notes and additional episodes.
More shows like Azure & DevOps Podcast
View all
Hanselminutes with Scott Hanselman
378 Listeners
Software Engineering Radio - the podcast for professional software developers
262 Listeners
.NET Rocks!
245 Listeners
The Changelog: Software Development, Open Source
285 Listeners
The Cloudcast
154 Listeners
Thoughtworks Technology Podcast
43 Listeners
Talk Python To Me
584 Listeners
Software Engineering Daily
630 Listeners
AWS Podcast
200 Listeners
Data Engineering Podcast
143 Listeners
Syntax - Tasty Web Development Treats
985 Listeners
Kubernetes Podcast from Google
182 Listeners
The Stack Overflow Podcast
63 Listeners
The Real Python Podcast
137 Listeners
The Pragmatic Engineer
48 Listeners