ASP.NET Core Security

  • 5h 7m
  • Christian Wenz
  • Manning Publications
  • 2022

Secure your ASP.NET applications before you get hacked! This practical guide includes secure coding techniques with annotated examples and full coverage of built-in ASP.NET Core security tools.

In ASP.NET Core Security, you will learn how to:

  • Understand and recognize common web app attacks
  • Implement attack countermeasures
  • Use testing and scanning tools and libraries
  • Activate built-in browser security features from ASP.NET
  • Take advantage of .NET and ASP.NET Core security APIs
  • Manage passwords to minimize damage from a data leak
  • Securely store application secrets

ASP.NET Core Security teaches you the skills and countermeasures you need to keep your ASP.NET Core apps secure from the most common web application attacks. With this collection of practical techniques, you will be able to anticipate risks and introduce practices like testing as regular security checkups. You’ll be fascinated as the author explores real-world security breaches, including rogue Firefox extensions and Adobe password thefts. The examples present universal security best practices with a sharp focus on the unique needs of ASP.NET Core applications.

about the technology

Your ASP.NET Core applications are under attack now. Are you ready? Th ere are specific countermeasures you can apply to keep your company out of the headlines. This book demonstrates exactly how to secure ASP.NET Core web applications, including safe browser interactions, recognizing common threats, and deploying the framework’s unique security APIs.

about the book

ASP.NET Core Security is a realistic guide to securing your web applications. It starts on the dark side, exploring case studies of cross-site scripting, SQL injection, and other weapons used by hackers. As you go, you’ll learn how to implement countermeasures, activate browser security features, minimize attack damage, and securely store application secrets. Detailed ASP.NET Core code samples in C# show you how each technique looks in practice.

About the Author

Christian Wenz is a web pioneer, technology specialist, and entrepreneur. Since 1999, he has written close to 150 books on web technologies and related topics, which have been translated into ten languages. At his day job, he consults for enterprises on digitization and Industry 4.0. A fixture at international developer conferences, he has presented on three continents. Christian has been an MVP for ASP.NET since 2004, is the lead author of the official PHP certification, and sporadically contributes to OSS projects. He holds university degrees in computer science and business informatics and is a two-time recipient of a Knuth reward check.

In this Book

  • Front Matter
  • On Web Application Security
  • Cross-Site Scripting (XSS)
  • Attacking Session Management
  • Cross-Site Request Forgery
  • Unvalidated Data
  • SQL Injection (and Other Injections)
  • Storing Secrets
  • Handling Passwords
  • HTTP Headers
  • Error Handling
  • Logging and Health Checks
  • Securing Web Applications with ASP.NET Core Identity
  • Securing APIs and Single Page Applications
  • Secure Dependencies
  • Audit Tools
  • OWASP Top 10


Rating 4.6 of 123 users Rating 4.6 of 123 users (123)
Rating 4.7 of 15 users Rating 4.7 of 15 users (15)