.NET 6 Secure Programming

Learn how to create safe and secure applications in .NET 6. This includes knowing how to mitigate the top current security vulnerabilities. In class, we discuss securing .NET Web API, ASP.NET Core, and Windows services. The goal of the class is full coverage of the CIA Triad for .NET 6. Different aspects of the class provide instruction for confidentiality, integrity, and authentication. There is also a complete discussion of authorization. Securing network communication is a consistent theme throughout the class. For that reason, the course includes these topics: TLS/SSL, HTTP, and crypto. Authentication is another important component for securing network communication. A myriad of authentication techniques are provided, including Claims, OAuth 2, X509 certificates, and JWT authentication, primarily for Web APIs. Both ASP.NET Core and Kestrel web servers are available in .NET 6. We will compare and contrast both from a security perspective. Class includes exploring the technology stack that supports .NET security, such as claims, middleware, entities, and more that form the foundation of security in .NET 6. Class reviews common vulnerabilities and best practices. This is done with OWASP. You learn how to mitigate the top ten vulnerabilities for this year in both the web application and web API domains.