Secure Coding with OWASP in ASP.NET Core 6

سرفصل های دوره

ASP.NET Core 6 is used to build mission critical applications handling sensitive data. This course will teach you how to implement the most common security requirements and defenses recommended by OWASP in your ASP.NET Core 6 applications.

1. Course Overview

1. Course Overview

2. Secure Coding with OWASP Resources

1. Introduction to OWASP

2. OWASP ASVS

3. OWASP ASVS - Architecture

3. Authentication

1. ASP.NET Core Identity

2. Demo - Implement User Authentication

3. Password Hashing

4. Demo - Password Strength Policy

5. Demo - Sign-up and Account Confirmation

6. Demo - Password Reset

7. Demo - Two-factor Authentication

8. Demo - Rate Limiting Failed Logins

4. Session Management

1. ASP.NET Core Sessions

2. Demo - Cookie-based Session Parameters

3. Demo - Step-up Authentication

4. Demo - Logout

5. Access Control

1. ASP.NET Core Authorization

2. Demo - Role-based Access Control

3. Demo - Claims-based Access Control

4. Demo - Rendering UI Based on Level of Access

5. Preventing Cross-site Request Forgery (CSRF) Attacks

06. Securely Handling Input and Output Data

01. Input Validation

02. Demo - Input Validation

03. Demo - Redirect URL Validation

04. Encoding Output Data

05. Demo - Invoking Encoders in Code

06. Injection Attacks

07. Demo - Prevent SQL Injection Attacks with Entity Framework Core and ADO.NET

08. Demo - Prevent Operating System (OS) Command Injection

09. Insecure Deserialization

10. Demo - Prevent XML External Entity (XXE) Aattack

07. Protecting Sensitive Data

01. ASP.NET Core Data Protection

02. Demo - Encrypt and Decrypt Sensitive Data

03. Demo - Secrets Management

04. Protecting Data in the Browser

05. Demo - Send Sensitive Data in HTTP Request Body

06. Demo - Prevent Data from Being Cached in the Browser

07. Data Privacy

08. Demo - Implement Export and Deletion of Personal Data

09. Protecting Data in Transit

10. Demo - Enforce Use of HTTPS Protocol

11. Demo - Secure TLS Configuration for Outbound Network Connections

8. Secure Error Handling and Logging

1. ASP.NET Core Logging and Exception Handling

2. Demo - Redact Sensitive Information Before Logging

3. Demo - Log Relevant Security Events

4. Demo - Prevent Leaking Sensitive Information through Error Pages

9. Managing Vulnerable Dependencies

1. Risks from Dependencies

2. Demo - NuGet Packages

3. Demo - Find Vulnerable and Deprecated Dependencies

4. Demo - Generate Sub-Resource Integrity (SRI) Hashes for JavaScript

10. Protecting the Business Logic

1. Business Logic Flaws

2. Demo - Protecting Business Logic Integrity

3. Demo - Protecting Business Logic Flows

4. Demo - Implement Rate Limiting

11. Handling Untrusted Files

1. Handling Files in ASP.NET Core

2. Demo - Prevent Large File Upload

3. Demo - Scan Uploaded Files for Viruses and Malware

4. Demo - Securely Store Uploaded Files

5. Preventing Server-side Request Forgery (SSRF) Attacks

6. Demo - Prevent SSRF Attacks

12. Hardening Configuration

1. Hardening ASP.NET Core Applications

2. Demo - Disable Debugging Facilities

3. Demo - Hide System Component Information

4. Demo - Validate HTTP Request Headers

5. Demo - Set HTTP Security Headers in Responses

13. API Security

1. Web Application Security Versus API Security

2. Demo - Using Bearer Tokens

3. Demo - Implementing CORS

4. Course Summary

189,000 تومان

افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: PluralSight