Sign up to save your podcasts
Or
Share Christian Wenz: ASP .NET Core Security - Episode 233
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Christian Wenz: ASP .NET Core Security - Episode 233
Christian Wenz works as a consultant, trainer, and author with a focus on web technologies and is the author or co-author of over 100 computer books. He regularly contributes to various IT magazines and speaks at conferences around the globe. Christian holds a "Diplom" (the German equivalent of a master's degree) in Computer Sciences, and one in Business Informatics. In his day job, he is one of the founders of the web agency Arrabiata Solutions (http://www.arrabiata.com/) with offices in Munich, Germany, and in London, UK. He also frequently works with development teams to make their applications better performing, more secure, and more reliable.
Topics of Discussion:
[2:51] Has Christian really written over 100 computer books? Christian talks about the books and the high points of technology that he has worked in.
[7:16] What is the OWASP (Open Web Application Security Project) Top 10 list?
[10:33] You always have to be aware that something may go wrong, and have a security mindset.
[12:05] Again and again, make sure that you understand the fundamentals of web app security, because eventually, you will make a mistake in your code.
[12:30] What is insecure design?
[13:43] Christian talks about the enumeration scheme CWE: common weakness enumeration, which basically assigns a number to each risk or attack.
[17:00] How should people be logging into their web sessions now with .NET7?
[18:31] The major mistake you can make these days is to write your own authentication mechanism.
[23:57] What is Christian's favorite mechanism today for securing HTTP web services?
[31:05] What are some of the tools Christian always reaches for, and how do we differentiate between static auditing and dynamically auditing an application?
Mentioned in this Episode:
Clear Measure Way
Architect Forum
Software Engineer Forum
Programming with Palermo — New Video Podcast! Email us [email protected]work
Clear Measure, Inc. (Sponsor)
.NET DevOps for Azure: A Developer's Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!
Jeffrey Palermo's Twitter — Follow to stay informed about future events!
Architect Tips — Video podcast!
Azure DevOps
Christian Microsoft Profile
ASP.NET Core Security
Christian's Books on Amazon
OWASP
Identity Server
Dependabot
Security Code Scan
Configuring Code Scanning for a Repository
Want to Learn More?
Visit AzureDevOps.Show for show notes and additional episodes.
View all episodes
By Jeffrey Palermo
4.6
2222 ratings
Christian Wenz works as a consultant, trainer, and author with a focus on web technologies and is the author or co-author of over 100 computer books. He regularly contributes to various IT magazines and speaks at conferences around the globe. Christian holds a "Diplom" (the German equivalent of a master's degree) in Computer Sciences, and one in Business Informatics. In his day job, he is one of the founders of the web agency Arrabiata Solutions (http://www.arrabiata.com/) with offices in Munich, Germany, and in London, UK. He also frequently works with development teams to make their applications better performing, more secure, and more reliable.
Topics of Discussion:
[2:51] Has Christian really written over 100 computer books? Christian talks about the books and the high points of technology that he has worked in.
[7:16] What is the OWASP (Open Web Application Security Project) Top 10 list?
[10:33] You always have to be aware that something may go wrong, and have a security mindset.
[12:05] Again and again, make sure that you understand the fundamentals of web app security, because eventually, you will make a mistake in your code.
[12:30] What is insecure design?
[13:43] Christian talks about the enumeration scheme CWE: common weakness enumeration, which basically assigns a number to each risk or attack.
[17:00] How should people be logging into their web sessions now with .NET7?
[18:31] The major mistake you can make these days is to write your own authentication mechanism.
[23:57] What is Christian's favorite mechanism today for securing HTTP web services?
[31:05] What are some of the tools Christian always reaches for, and how do we differentiate between static auditing and dynamically auditing an application?
Mentioned in this Episode:
Clear Measure Way
Architect Forum
Software Engineer Forum
Programming with Palermo — New Video Podcast! Email us [email protected]work
Clear Measure, Inc. (Sponsor)
.NET DevOps for Azure: A Developer's Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!
Jeffrey Palermo's Twitter — Follow to stay informed about future events!
Architect Tips — Video podcast!
Azure DevOps
Christian Microsoft Profile
ASP.NET Core Security
Christian's Books on Amazon
OWASP
Identity Server
Dependabot
Security Code Scan
Configuring Code Scanning for a Repository
Want to Learn More?
Visit AzureDevOps.Show for show notes and additional episodes.
More shows like Azure & DevOps Podcast
View all
Software Engineering Radio
271 Listeners
Hanselminutes with Scott Hanselman
383 Listeners
The Changelog: Software Development, Open Source
289 Listeners
Data Skeptic
480 Listeners
Software Engineering Daily
625 Listeners
The Cloudcast
151 Listeners
Talk Python To Me
585 Listeners
Thoughtworks Technology Podcast
43 Listeners
Python Bytes
215 Listeners
Y Combinator Startup Podcast
226 Listeners
Syntax - Tasty Web Development Treats
987 Listeners
Kubernetes Podcast from Google
182 Listeners
.NET Rocks!
244 Listeners
The Stack Overflow Podcast
63 Listeners
The Real Python Podcast
142 Listeners