OWASP Top 10 Web Application Security Risks for ASP.NET

by Troy Hunt

This course introduces the OWASP Top 10 Most Critical Web Application Security Risks including how to demonstrate and mitigate them in ASP.NET.

What you'll learn

Web applications today are being hacked with alarming regularity by hacktivists, online criminals, and nation states.

Very frequently, it is the same prevalent security risks being exploited which is why the Open Web Application Security Project (OWASP) developed their list of Top 10 Most Critical Web Application Security Risks to help developers build more secure software.

This course helps developers apply the Top 10 in ASP.NET using both web forms and MVC by walking through an overview of the risk, demonstrating how it can be exploited in .NET and then delving into the various approaches available to mitigate it by applying security in depth.

Table of contents

Course FAQ

Who is OWASP?

OWASP is the Open Web Application Security Project - a global nonprofit organization whose focus is on improving web security.

What is the OWASP Top 10?

OWASP publishes a Top Ten list of the current most vulnerable security risks posed to web applications.

Is my web app vulnerable?

Something to remember is that nobody is safe from determined attackers - but don't let yourself be a low-hanging fruit.

What will I learn in this course?

While the OWASP Top 10 is technology agnostic, in this guide, we will be looking specifically at ASP.NET security.

What prerequisites are needed?

You will need a working knowledge of the .NET platform as this course is designed to show you how to locate and how to implement security in ASP.NET web applications.

Who is this course for?

This course is aimed at developers who want to protect their web apps from common security exploits.

About the author

Troy Hunt is a Microsoft Regional Director and MVP for Developer Security. He's a regular conference speaker, frequent blogger at troyhunt.com and is the creator of the data breach notification service known as “Have I Been Pwned”.

Ready to upskill? Get started