You're reading from ASP.NET Core 5 Secure Coding Cookbook Practical recipes for tackling vulnerabilities in your ASP.NET web applications

Product type Paperback

Published in Jul 2021

Publisher Packt

ISBN-13 9781801071567

Length 324 pages

Edition 1st Edition

Languages

Tools

.NET Core

Concepts

Web Programming

Author (1):

Roman Canlas

View More author details

Table of Contents (15) Chapters

Preface

1. Chapter 1: Secure Coding Fundamentals

2. Chapter 2: Injection Flaws FREE CHAPTER

3. Chapter 3: Broken Authentication

4. Chapter 4: Sensitive Data Exposure

5. Chapter 5: XML External Entities

6. Chapter 6: Broken Access Control

7. Chapter 7: Security Misconfiguration

8. Chapter 8: Cross-Site Scripting

9. Chapter 9: Insecure Deserialization

10. Chapter 10: Using Components with Known Vulnerabilities

11. Chapter 11: Insufficient Logging and Monitoring

12. Chapter 12: Miscellaneous Vulnerabilities

13. Chapter 13: Best Practices

14. Other Books You May Enjoy

Preface

ASP.NET Core is fast becoming the web application framework of choice for developers and is now in the top ranks of platform popularity. ASP.NET Core web applications are also no exception when it comes to being targets for malicious attacks. As more and more web developers write code to create these ASP.NET Core web applications, the need to educate developers on writing secure code also increases.

An ASP.NET Core application developed with secure code can withstand attacks and help reduce its risk of exploitation. With proper guidance on fixing security flaws in code, ASP.NET Core web applications can prevent or stop security problems.

This book covers code examples written in C# with steps on remediating various ASP.NET Core web application vulnerabilities discovered by a secure code review or security test. You'll find practical examples and different ways to solve the security bugs introduced by insecure code in a recipe-style format.

This book begins with a chapter on the fundamentals of secure coding, but the succeeding content is patterned using the OWASP Top 10 (2017 version). The OWASP Top 10 is the de facto standard documentation for the most common risks to web applications.

Each chapter in this book (starting with Chapter 2, Injection Flaws) represents problem-solution content for each type of risk. Chapter 12, Miscellaneous Vulnerabilities focuses on various other vulnerabilities that were previously in the OWASP Top 10 for additional coverage. The last chapter discusses secure coding best practices.

By the end of this book, you will be able to identify the different types of vulnerabilities in ASP.NET Core web applications and will have the know-how to remediate them in code.