You’ve heard about attacks like Cross Site Scripting (CSS) and click-jacking. This course, Configuring Security Headers in ASP.NET and ASP.NET Core Applications, will give you the skills needed to mitigate these kinds of attacks by turning on browser features in your ASP.NET(Core) application like Content Security Policy (CSP), Referrer Policy and Feature Policy. By the end of this course you'll not only know how to make these configurations, you'll understand how these attacks work.
Course Overview (Music) Hi everyone. My name is Roland Guijt, and welcome to my course, Configuring Security Headers in ASP.NET and ASP.NET Core Applications. I'm a Microsoft MVP and independent consultant and trainer based in The Netherlands. I have some bad and some good news for you. The bad is that browsers are unsafe by default. The good is that the browser itself can solve that problem for the most part by using security headers. And that's what this course is about. Some of the major topics we will cover include how HTTP headers can be set in both ASP.NET and ASP.NET Core applications, protecting against cross-site scripting and clickjacking attacks using headers, controlling referrer information, and minimizing exposure of sensitive data. By the end of this course, you are able to effectively protect the browser side of your application against the most common attacks. Before beginning the course, you should be familiar with either ASP.NET Core or ASP.NET for .NET Framework. So get ready to invest a little time to protect your application with my course, Configuring Security Headers in ASP.NET and ASP.NET Core Applications, at Pluralsight.