Book description
Incorporate security best practices into ASP.NET Core. This book covers security-related features available within the framework, explains where these feature may fall short, and delves into security topics rarely covered elsewhere. Get ready to dive deep into ASP.NET Core 3.1 source code, clarifying how particular features work and addressing how to fix problems.
Advanced ASP.NET Core 3 Security is designed to train developers to avoid these problems. Unlike the vast majority of security books that are targeted to network administrators, system administrators, or managers, this book is targeted specifically to ASP.NET developers. Author Scott Norberg begins by teaching developers how ASP.NET Core works behind the scenes by going directly into the framework's source code. Then he talks about how various attacks are performed using the very tools that penetration testers would use to hack into an application. He shows developers how to prevent these attacks. Finally, he covers the concepts developers need to know to do some testing on their own, without the help of a security professional.
What You Will Learn
- Discern which attacks are easy to prevent, and which are more challenging, in the framework
- Dig into ASP.NET Core 3.1 source code to understand how the security services work
- Establish a baseline for understanding how to design more secure software
- Properly apply cryptography in software development
- Take a deep dive into web security concepts
- Validate input in a way that allows legitimate traffic but blocks malicious traffic
- Understand parameterized queries and why they are so important to ASP.NET Core
- Fix issues in a well-implemented solution
- Know how the new logging system in ASP.NET Core falls short of security needs
- Incorporate security into your software development process
Who This Book Is For
Software developers who have experience creating websites in ASP.NET and want to know how to make their websites secure from hackers and security professionals who work with a development team that uses ASP.NET Core. A basic understanding of web technologies such as HTML, JavaScript, and CSS is assumed, as is knowledge of how to create a website, and how to read and write C#. You do not need knowledge of security concepts, even those that are often covered in ASP.NET Core documentation.
Table of contents
- Cover
- Front Matter
- 1. Introducing ASP.NET Core
- 2. General Security Concepts
- 3. Cryptography
- 4. Web Security Concepts
- 5. Understanding Common Attacks
- 6. Processing User Input
- 7. Authentication and Authorization
- 8. Data Access and Storage
- 9. Logging and Error Handling
- 10. Setup and Configuration
- 11. Secure Application Life Cycle Management
- Back Matter
Product information
- Title: Advanced ASP.NET Core 3 Security : Understanding Hacks, Attacks, and Vulnerabilities to Secure Your Website
- Author(s):
- Release date: October 2020
- Publisher(s): Apress
- ISBN: 9781484260142
You might also like
video
Python Fundamentals
51+ hours of video instruction. Overview The professional programmer’s Deitel® video guide to Python development with …
book
Data Science from Scratch, 2nd Edition
To really learn data science, you should not only master the tools—data science libraries, frameworks, modules, …
book
Python Crash Course, 2nd Edition
This is the second edition of the best selling Python book in the world. Python Crash …
book
Programming ASP.NET Core, First edition
The complete, pragmatic guide to building high-value solutions with ASP.NET Core Programming ASP.NET Core is the …