- ホーム
- > 洋書
- > 英文書
- > Computer / General
Full Description
Understand and stop the hacks you read about in the headlines! This practical guide includes secure code samples, built-in ASP.NET tools, and insider techniques to help your web applications stay safe and secure.
In ASP.NET Core Security, you will learn how to:
Understand common attacks against web applications
Implement attack countermeasures
Use testing tools, helper libraries, and scanning tools to improve security
Utilize built-in browser security features and activate them from ASP.NET Core applications
Handle security APIs in .NET and ASP.NET Core
Correctly manage passwords to minimize the damage done by a data leak
Securely store application secrets so that they are not accessible to an attacker
ASP.NET Core Security delivers the skills and countermeasures you need to keep your ASP.NET apps secure from the most common web application attacks. It gives you an invaluable security mindset to help you anticipate risks and introduce practices like testing as regular security checkups. The examples focus on the unique needs of ASP.NET applications, and also offer universal security best practices essential for any professional web developer. about the technology Nine out of ten web applications have security vulnerabilities. Apps built with the Microsoft stack are no different. This book lays out everything you need to know to secure your ASP.NET web applications, including unique security APIs, browser interactions, and common threats. about the book ASP.NET Core Security is a practical and hands-on guide to securing web applications built with ASP.NET. Written by Christian Wenz, a 20-year veteran of web security, it reveals attacks that threaten your apps and introduces the built-in ASP.NET features you can use to defend against them.
You'll start on the dark side, exploring the weapons used by hackers, such as cross-site scripting, session theft, and SQL injection. Each attack is illustrated with a use case plucked from the headlines, including rogue Firefox extensions and Adobe password thefts. And you'll really appreciate the detailed C# code samples that show you how exactly to prevent these attacks! You'll learn how to implement countermeasures, activate browser security features with ASP.NET, and securely store application secrets to keep them safe from attack.
Contents
table of contents PART 1: FIRSTS STEPS READ IN LIVEBOOK 1ON WEB APPLICATION SECURITY PART 2: MITIGATING COMMON ATTACKS READ IN LIVEBOOK 2CROSS-SITE SCRIPTING (XSS) READ IN LIVEBOOK 3ATTACKING SESSION MANAGEMENT READ IN LIVEBOOK 4CROSS-SITE REQUEST FORGERY READ IN LIVEBOOK 5UNVALIDATED DATA READ IN LIVEBOOK 6SQL INJECTION (AND OTHER INJECTIONS) PART 3: SECURE DATA STORAGE READ IN LIVEBOOK 7STORING SECRETS READ IN LIVEBOOK 8HANDLING PASSWORDS PART 4: CONFIGURATION READ IN LIVEBOOK 9HTTP HEADERS READ IN LIVEBOOK 10ERROR HANDLING READ IN LIVEBOOK 11LOGGING AND HEALTH CHECKS PART 5: AUTHENTICATION AND AUTHORIZATION READ IN LIVEBOOK 12SECURING WEB APPLICATIONS WITH ASP.NET CORE IDENTITY 13 SECURING APIS AND SINGLE PAGE APPLICATIONS (SPAS) PART 6: SECURITY AS A PROCESS 14 ECURE DEPENDENCIES 15 AUDIT TOOLS 16 OWASP TOP TEN
