The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
Content provided by Jeffrey Palermo. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Jeffrey Palermo or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Similar to Azure DevOps Podcast
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Agile for Humans™ is a weekly podcast dedicated to the individuals and interactions that make agile work. The goal is to help create safe and collaborative working environments where people are empowered to do their best work.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Daily update on current cyber security threats
…
continue reading
Hungry for Technology Talk? Get All You Can Eat at the Android Buffet
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Christian Wenz: ASP .NET Core Security - Episode 233
Manage episode 355851836 series 2446935
Content provided by Jeffrey Palermo. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Jeffrey Palermo or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Christian Wenz works as a consultant, trainer, and author with a focus on web technologies and is the author or co-author of over 100 computer books. He regularly contributes to various IT magazines and speaks at conferences around the globe. Christian holds a "Diplom" (the German equivalent of a master’s degree) in Computer Sciences, and one in Business Informatics. In his day job, he is one of the founders of the web agency Arrabiata Solutions (http://www.arrabiata.com/) with offices in Munich, Germany, and in London, UK. He also frequently works with development teams to make their applications better performing, more secure, and more reliable.
Topics of Discussion:
[2:51] Has Christian really written over 100 computer books? Christian talks about the books and the high points of technology that he has worked in.
[7:16] What is the OWASP (Open Web Application Security Project) Top 10 list?
[10:33] You always have to be aware that something may go wrong, and have a security mindset.
[12:05] Again and again, make sure that you understand the fundamentals of web app security, because eventually, you will make a mistake in your code.
[12:30] What is insecure design?
[13:43] Christian talks about the enumeration scheme CWE: common weakness enumeration, which basically assigns a number to each risk or attack.
[17:00] How should people be logging into their web sessions now with .NET7?
[18:31] The major mistake you can make these days is to write your own authentication mechanism.
[23:57] What is Christian’s favorite mechanism today for securing HTTP web services?
[31:05] What are some of the tools Christian always reaches for, and how do we differentiate between static auditing and dynamically auditing an application?
Mentioned in this Episode:
Programming with Palermo — New Video Podcast! Email us programming@palermo.network
Clear Measure, Inc. (Sponsor)
.NET DevOps for Azure: A Developer’s Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!
Jeffrey Palermo’s Twitter — Follow to stay informed about future events!
Architect Tips — Video podcast!
Configuring Code Scanning for a Repository
Want to Learn More?
Visit AzureDevOps.Show for show notes and additional episodes.
291 episodes
Share
Manage episode 355851836 series 2446935
Content provided by Jeffrey Palermo. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Jeffrey Palermo or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Christian Wenz works as a consultant, trainer, and author with a focus on web technologies and is the author or co-author of over 100 computer books. He regularly contributes to various IT magazines and speaks at conferences around the globe. Christian holds a "Diplom" (the German equivalent of a master’s degree) in Computer Sciences, and one in Business Informatics. In his day job, he is one of the founders of the web agency Arrabiata Solutions (http://www.arrabiata.com/) with offices in Munich, Germany, and in London, UK. He also frequently works with development teams to make their applications better performing, more secure, and more reliable.
Topics of Discussion:
[2:51] Has Christian really written over 100 computer books? Christian talks about the books and the high points of technology that he has worked in.
[7:16] What is the OWASP (Open Web Application Security Project) Top 10 list?
[10:33] You always have to be aware that something may go wrong, and have a security mindset.
[12:05] Again and again, make sure that you understand the fundamentals of web app security, because eventually, you will make a mistake in your code.
[12:30] What is insecure design?
[13:43] Christian talks about the enumeration scheme CWE: common weakness enumeration, which basically assigns a number to each risk or attack.
[17:00] How should people be logging into their web sessions now with .NET7?
[18:31] The major mistake you can make these days is to write your own authentication mechanism.
[23:57] What is Christian’s favorite mechanism today for securing HTTP web services?
[31:05] What are some of the tools Christian always reaches for, and how do we differentiate between static auditing and dynamically auditing an application?
Mentioned in this Episode:
Programming with Palermo — New Video Podcast! Email us programming@palermo.network
Clear Measure, Inc. (Sponsor)
.NET DevOps for Azure: A Developer’s Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!
Jeffrey Palermo’s Twitter — Follow to stay informed about future events!
Architect Tips — Video podcast!
Configuring Code Scanning for a Repository
Want to Learn More?
Visit AzureDevOps.Show for show notes and additional episodes.
291 episodes
All episodes
×
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Similar to Azure DevOps Podcast
The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Agile for Humans™ is a weekly podcast dedicated to the individuals and interactions that make agile work. The goal is to help create safe and collaborative working environments where people are empowered to do their best work.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Daily update on current cyber security threats
…
continue reading
Hungry for Technology Talk? Get All You Can Eat at the Android Buffet
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
