Configuring Security Headers in ASP.NET 4 and ASP.NET Core 3 Applications

by Roland Guijt

After watching this course you'll have the knowledge and skills to mitigate common browser attacks by setting HTTP headers. The code samples are in ASP.NET Core and ASP.NET for .NET Framework.

Preview this course

What you'll learn

You’ve heard about attacks like Cross Site Scripting (CSS) and click-jacking. This course, Configuring Security Headers in ASP.NET and ASP.NET Core Applications, will give you the skills needed to mitigate these kinds of attacks by turning on browser features in your ASP.NET(Core) application like Content Security Policy (CSP), Referrer Policy and Feature Policy. By the end of this course you'll not only know how to make these configurations, you'll understand how these attacks work.

Table of contents

Course Overview
1min
How Security Headers Help Protect Your Application
13mins
Controlling the Browser to Protect Against Cross Site Scripting (XSS) and Click-Jacking Attacks
21mins
Reducing the Attack Surface with X-Content-Type-Options, Subsource Integrity, and by Withholding Version Information
19mins

About the author

Roland Guijt

Roland is a Microsoft MVP enjoying a constant curiosity around new techniques in software development. His focus is on all things .Net and browser technologies. As a long-time trainer, he led many courses on these topics and spoke about them at international conferences. He also travels around the globe to offer his self-developed workshops. The word that comes to mind when he thinks about software development is passion! Roland lives in The Netherlands with his wife and two boys.

See more courses by Roland Guijt
Ready to upskill? Get started