Securing ASP.NET and ASP.NET Core Applications

It can be daunting to get started in the vast world that is ASP.Net Authentication. With a few basic concepts, it is easy to get started with ASP.Net Authentication. This course, ASP.NET Authentication - The Big Picture, will teach you the basics of modern authentication. You will first learn about the factors that affect which authentication methods are best for your application. This is important because it can pose a security risk to your business and your users. You will then be able to compare and contrast the various authentication options available. It will become clear that passwords are not enough and that not all second factor are created equal. You will also learn about the ASP.NET Core libraries that you can use to create these authentication systems and where you can find more information. After completing this course, you will be able to implement your preferred authentication method in ASP.NET Core.

If you're a.NET web developer, you know how powerful ASP.NET can be for building web apps. This course, Implementing httpS in ASP.NET Core and ASP.NET Core will teach you how to secure your web applications using HTTPS. You will first learn about HTTPS and the associated protocols. Next, you'll learn the benefits of requiring HTTPS to website users. You will also learn how to use HSTS for further protection of your website. This course will teach you how to secure all requests to your website over HTTPS. It will also protect your company's data during transit.

Any business can lose control of API keys and production passwords. This can lead to huge losses. This course, Securing Application Secrets with ASP.NET Core, will teach you how to protect secrets from development to production. You will first learn the principles behind protecting application secrets and what anti-patterns you should avoid. You will then learn how Secret Manager can be used to secure your practice while you are developing. You will also learn how to use Key Vault to protect secrets in production. This course will equip you with the knowledge and skills to protect application secrets in your ASP.NET apps once you are done.

Cross Site Scripting and click-jacking are two of the most common types of attacks. This course, Configuring Security headers in ASP.NET core applications, will teach you how to prevent these types of attacks. You can turn on browser features in your ASP.NET (Core) application such as Content Security Policy, Referrer Policy, and Feature Policy. This course will teach you how to configure these configurations and how they work.

Incorrect error handling and insufficient logging can lead to security issues for your ASP.NET Core and ASP.NET Core apps. This course, Securely handling errors and logging security events in ASP.NET core and ASP.NET Core will teach you how to gracefully log and shield errors, and also how to effectively log security events. You will first learn about global exception handling and logging. Next, you'll learn what security events are and what information to log. You will also learn how to analyze log entries and make them accessible for further analysis. This course will equip you with the knowledge and skills to securely handle errors and log security events in ASP.NET Core and ASP.NET Core.

Your website's authentication and authorization can help protect your users and their data from hackers. Although perfect security is impossible, there are many ways to keep your site safe. This course, Secure User Account Authentication Practices ASP.NET Core and ASP.NET Core, will teach you how to create secure websites using recommended practices for user account management, authentication, and authorization. You'll first learn how to implement user authentication and registration. This includes password policies and password recovery. Next, you'll discover how to add additional security through multi-factor authentication and the prevention of some common authentication-related attacks. You'll also learn how to add authorization on your website to stop authenticated users seeing or doing anything they shouldn't be able. This course will equip you with the knowledge and skills necessary to create secure websites for your customers and yourself.

Learn how to use data validation in your ASP.NET Core and ASP.NET Core applications. This course, ASP.NET Core & ASP.NET Input validation, will teach you both the basics of validation and how to apply it in your own applications. You will first learn how to use the built-in ASP.NET Core validations. Next, you'll learn how to create your own validations using both server-side as client-side logic. You will also learn how to create custom validations. You will be able validate user input confidently after you have completed this course.

Bad actors are constantly attacking web applications, even the one you have just created. This course, Defeating injection Attacks in ASP.NET Core and ASP.NET Core will teach you how to protect against common injection attacks in ASP.NET apps. You will first learn about SQL injection attacks and how to stop them. Next, you'll learn how to prevent injection attacks against NoSQL. You will also see examples of process injection attacks and how to avoid them. This course will equip you with the knowledge and skills to defeat injection attacks for ASP.NET, which is essential in building secure applications.

Cross Site Request Forgery is an attack technique that lures users into performing actions on websites without their knowledge. This course will teach you how Cross Site Request Forgery is carried out, the dangers involved, and how to prevent it. The first step is to understand the nature of these attacks. Then, you will learn how to prevent them by using both older and newer techniques. These techniques can be applied to all of your applications. This course will equip you with the knowledge and skills to protect your applications from this terrible attack.

Cross Site Scripting is extremely dangerous. An attacker can gain access to browser functions and steal sensitive information. They also have the ability to coerce users into taking unintended actions. This course, Cross Site Scripting Prevention for ASP.NET Core (XSS) and ASP.NET Applications, will explain what XSS means, how it can be prevented, and why it is so dangerous. You'll first learn about the nature of these attacks. Then, you will learn how to prevent them by using encoding techniques. These techniques can be applied to all of your applications. This course will equip you with the knowledge and skills to protect your applications from this terrible attack.

When we think about attacks on websites or applications, we often think of SQL Injection, Cross-site request forgery, and attacks on our authentication layer. There are many other ways to attack our applications. These can happen whenever our application needs to read binary or JSON data or XML data. Protecting Against XML External Entity Attacks in ASP.NET Core and ASP.NET Core explains three of these attacks: the XML External Entities attack, the XML bomb, or Billion laughs attack, and the Insecure Deserialization family. The XML External Entities attack and the Insecure deserialization attacks were both important enough to be included on the OWASP top 10. List for 2017. After you complete this course, you'll learn about the attacks, their mechanisms, and how you can defend your.NET applications.

Applications are facing the most serious vulnerabilities today because of unprotected sensitive information. This course, Protecting Sensitive Information from Exposure in ASP.NET or ASP.NET Core Applications, will teach you how to stop attackers from obtaining personal information, credit card numbers, and other sensitive data. You'll first learn how to classify data and determine what is potentially sensitive. Next, you will learn about the protection measures you should use when dealing with sensitive data. You'll also learn how tokenization and cryptographic techniques can be used to keep your data secure while still being usable. This course will equip you with the knowledge and skills to protect sensitive data in your system from possible exposure.

You can increase the security of your ASP.NET Framework (Core and Framework) web apps by scanning your web code for common vulnerabilities. This course, Using Security Analysis tools to Protect ASP.NET Core Applications and ASP.NET Core Applications will teach you the basics of scanning your web applications and how to automate build processes. You will first learn about static code analysis. Next, you'll discover how to use a security-focused static analyzer to scan your code. Next, you'll learn about package vulnerability scanning. This will allow you to analyze your packages against a list of known vulnerabilities. You will also learn how to integrate both types of scans into automated build processes. This course will equip you with the knowledge and skills to scan security applications for your ASP.NET Core and ASP.NET Core web apps.

Applications that use the same origin server and client are less common in modern applications. APIs can be accessed by multiple clients on different origins. This course, Configuring ASP.NET CORS in ASP.NET Core and ASP.NET Core, will teach you how to set up CORS for your APIs so that only approved client apps can access them. You will first learn about how CORS is implemented by browsers. Next, you'll learn how to configure ASP.NET to allow CORS requests to trusted origins. You will also learn about the various CORS request types and configuration options that can be used to optimize and secure requests from other origins. This course will teach you how to identify and configure CORS in your ASP.NET Core and ASP.NET Core applications.