
As more and more data is exposed via APIs, whether by API-first companies or through the explosion of single-page apps/JAMStack, API security can no longer be an afterthought. The hard part about APIs is that they provide direct access to large amounts of data while bypassing browser precautions. Instead of worrying about SQL injection and XSS issues, you should be concerned about the bad actor who was able to paginate through all your customer records and their data.

Bharat Dwarkani shared on Jul 21, 2020
dzone.com

Awesome .NET Security Resources

Bharat Dwarkani shared on Jul 12, 2020
github.com

Hardening the security of your ASP.NET Core apps

Bharat Dwarkani shared on Jul 12, 2020
geeklearning.io

After watching this course you'll have the knowledge and skills to mitigate common browser attacks by setting HTTP headers. The code samples are in ASP.NET Core and ASP.NET for .NET Framework.

Bharat Dwarkani shared on Apr 09, 2020
pluralsight.com

Web applications are at constant risk of attack, and one of the most common attacks is the dreaded injection attack. This course will show you how to defeat three common injection attacks, including SQL Injection, in ASP.NET and ASP.NET Core.

Bharat Dwarkani shared on Apr 09, 2020
pluralsight.com

In this article, we learn how to secure ASP.NET Core MVC applications against the top 10 attacks given by OWASP (Open Web Application Security Project) in a step-by-step way.

Bharat Dwarkani shared on Apr 05, 2020
codeproject.com

Removing the X-Powered-By and Server headers in an ASP.NET Core application for security reasons

Bharat Dwarkani wrote on Apr 05, 2020
sharetechlinks.com

Azure Key Vault is a great way to store your IdentityServer4 signing keys; it is secure, versioned, and gives you access to robust access control mechanisms. However, I keep seeing many Azure Key Vault integrations that miss many of its features by storing the private key as a secret and then downloading the private key on application startup.

Bharat Dwarkani shared on Mar 30, 2020
scottbrady91.com

The purpose here is to configure the data protection system in such a way that its keys are stored outside the app server, but also to do so in a secure manner. By default data protection keys may be stored in a local folder

Bharat Dwarkani shared on Mar 15, 2020
joonasw.net

Specifying headers in middleware can be done in C# code by creating one or more pieces of middleware. Most examples in this post will use this approach. In short, you either create a new middleware class or call the Use method directly in the Configure method in Startup.cs

Bharat Dwarkani shared on Mar 13, 2020
blog.elmah.io