Configuring Security Headers in ASP.NET and ASP.NET Core Applications

After watching this course you'll have the knowledge and skills to mitigate common browser attacks by setting HTTP headers. The code samples are in ASP.NET Core and ASP.NET for .NET Framework.
Course info
Level
Intermediate
Updated
Sep 30, 2019
Duration
52m
Table of contents
Description
Course info
Level
Intermediate
Updated
Sep 30, 2019
Duration
52m
Description

You’ve heard about attacks like Cross Site Scripting (CSS) and click-jacking. This course, Configuring Security Headers in ASP.NET and ASP.NET Core Applications, will give you the skills needed to mitigate these kinds of attacks by turning on browser features in your ASP.NET(Core) application like Content Security Policy (CSP), Referrer Policy and Feature Policy. By the end of this course you'll not only know how to make these configurations, you'll understand how these attacks work.

About the author
About the author

Roland is a Microsoft MVP enjoying a constant curiosity around new techniques in software development. His focus is on all things .Net and browser technologies.

More from the author
Creating Blazor Components
Intermediate
1h 21m
Dec 23, 2019
Understanding ASP.NET Core 3.x
Beginner
2h 58m
Aug 20, 2019
More courses by Roland Guijt
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
(Music) Hi everyone. My name is Roland Guijt, and welcome to my course, Configuring Security Headers in ASP.NET and ASP.NET Core Applications. I'm a Microsoft MVP and independent consultant and trainer based in The Netherlands. I have some bad and some good news for you. The bad is that browsers are unsafe by default. The good is that the browser itself can solve that problem for the most part by using security headers. And that's what this course is about. Some of the major topics we will cover include how HTTP headers can be set in both ASP.NET and ASP.NET Core applications, protecting against cross-site scripting and clickjacking attacks using headers, controlling referrer information, and minimizing exposure of sensitive data. By the end of this course, you are able to effectively protect the browser side of your application against the most common attacks. Before beginning the course, you should be familiar with either ASP.NET Core or ASP.NET for .NET Framework. So get ready to invest a little time to protect your application with my course, Configuring Security Headers in ASP.NET and ASP.NET Core Applications, at Pluralsight.