.net/C# specific

The language specific module

Secure coding in .net/C#

Developed by Riccardo ten Cate
    Security features of .NET and what kind of protection they serve
    C# language security (is C# a secure language?)
    .NET-specific issues
      Numeric overflow, automatic conversions
      Serialization
      Authentication, membership, provider model
      Login controls, session management
      Role based authorization
      ViewState
      Identity server
      OAuth
    Cryptography in .NET
      How to use a key vault
      How to test entropy of secure random solutions

Prerequisites

We assume that the developers attending the C# secdev course:
    are familiar with the C# language and with the .NET framework
    understand the HTTP protocol, HTML and Javascript
    are familiar with basic security features of an enterprise application (authentication, authorization, the concept of a session)
    have .net core 2.0 SDK and a suitable IDE installed on their laptop (labs desktop)
Last modified 2yr ago