ASP.NET Core Security (Paperback)
暫譯: ASP.NET Core 安全性 (平裝本)

Wenz, Christian

ASP.NET Core Security (Paperback)
  • 出版商: Manning
  • 出版日期: 2022-08-12
  • 定價: $2,100
  • 售價: 9.5$1,995
  • 貴賓價: 9.0$1,890
  • 語言: 英文
  • 頁數: 365
  • 裝訂: Quality Paper - also called trade paper
  • ISBN: 1633439984
  • ISBN-13: 9781633439986
  • 相關分類: .NETASP.NET資訊安全

    • 立即出貨 (庫存 < 3)

買這商品的人也買了...

相關主題

商品描述

Secure your ASP.NET applications before you get hacked! This practical guide includes secure coding techniques with annotated examples and full coverage of built-in ASP.NET Core security tools.

In ASP.NET Core Security, you will learn how to:

Understand and recognize common web app attacks
Implement attack countermeasures
Use testing and scanning tools and libraries
Activate built-in browser security features from ASP.NET
Take advantage of .NET and ASP.NET Core security APIs
Manage passwords to minimize damage from a data leak
Securely store application secrets

ASP.NET Core Security teaches you the skills and countermeasures you need to keep your ASP.NET Core apps secure from the most common web application attacks. With this collection of practical techniques, you will be able to anticipate risks and introduce practices like testing as regular security checkups. You'll be fascinated as the author explores real-world security breaches, including rogue Firefox extensions and Adobe password thefts. The examples present universal security best practices with a sharp focus on the unique needs of ASP.NET Core applications.

Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.

About the technology
Your ASP.NET Core applications are under attack now. Are you ready? Th ere are specific countermeasures you can apply to keep your company out of the headlines. This book demonstrates exactly how to secure ASP.NET Core web applications, including safe browser interactions, recognizing common threats, and deploying the framework's unique security APIs.

About the book
ASP.NET Core Security is a realistic guide to securing your web applications. It starts on the dark side, exploring case studies of cross-site scripting, SQL injection, and other weapons used by hackers. As you go, you'll learn how to implement countermeasures, activate browser security features, minimize attack damage, and securely store application secrets. Detailed ASP.NET Core code samples in C# show you how each technique looks in practice.

What's inside

Understand and recognize common web app attacks
Testing tools, helper libraries, and scanning tools
Activate built-in browser security features
Take advantage of .NET and ASP.NET Core security APIs
Manage passwords to minimize damage from a data leak

About the reader
For experienced ASP.NET Core web developers.

About the author
Christian Wenz is a web pioneer, consultant, and entrepreneur.

Table of Contents

PART 1 FIRST STEPS
1 On web application security
PART 2 MITIGATING COMMON ATTACKS
2 Cross-site scripting (XSS)
3 Attacking session management
4 Cross-site request forgery
5 Unvalidated data
6 SQL injection (and other injections)
PART 3 SECURE DATA STORAGE
7 Storing secrets
8 Handling passwords
PART 4 CONFIGURATION
9 HTTP headers
10 Error handling
11 Logging and health checks
PART 5 AUTHENTICATION AND AUTHORIZATION
12 Securing web applications with ASP.NET Core Identity
13 Securing APIs and single page applications
PART 6 SECURITY AS A PROCESS
14 Secure dependencies
15 Audit tools
16 OWASP Top 10

商品描述(中文翻譯)

在被駭客攻擊之前,確保您的 ASP.NET 應用程式安全!這本實用指南包含安全編碼技術,附有註解範例,並全面介紹內建的 ASP.NET Core 安全工具。

ASP.NET Core Security 中,您將學習如何:

了解並識別常見的網頁應用程式攻擊

實施攻擊對策

使用測試和掃描工具及函式庫

啟用 ASP.NET 的內建瀏覽器安全功能

利用 .NET 和 ASP.NET Core 安全 API

管理密碼以最小化資料洩漏的損害

安全地儲存應用程式密鑰

ASP.NET Core Security 教授您保持 ASP.NET Core 應用程式安全所需的技能和對策,以防範最常見的網頁應用程式攻擊。透過這些實用技術的集合,您將能夠預測風險並引入測試等常規安全檢查的做法。當作者探討現實世界的安全漏洞時,您將會感到著迷,包括惡意的 Firefox 擴展和 Adobe 密碼盜竊。這些範例展示了通用的安全最佳實踐,並專注於 ASP.NET Core 應用程式的獨特需求。

購買印刷版書籍可獲得 Manning Publications 提供的免費 PDF、Kindle 和 ePub 格式電子書。

關於技術

您的 ASP.NET Core 應用程式現在正受到攻擊。您準備好了嗎?有一些特定的對策可以應用,以使您的公司不會成為新聞的焦點。本書準確展示了如何保護 ASP.NET Core 網頁應用程式,包括安全的瀏覽器互動、識別常見威脅以及部署框架的獨特安全 API。

關於本書

ASP.NET Core Security 是一本現實的網頁應用程式安全指南。它從黑暗面開始,探討跨站腳本、SQL 注入和駭客使用的其他武器的案例研究。在過程中,您將學習如何實施對策、啟用瀏覽器安全功能、最小化攻擊損害以及安全地儲存應用程式密鑰。詳細的 C# ASP.NET Core 代碼範例展示了每種技術在實踐中的樣子。

內容概覽

了解並識別常見的網頁應用程式攻擊

測試工具、輔助函式庫和掃描工具

啟用內建的瀏覽器安全功能

利用 .NET 和 ASP.NET Core 安全 API

管理密碼以最小化資料洩漏的損害

關於讀者

適合有經驗的 ASP.NET Core 網頁開發人員。

關於作者

Christian Wenz 是一位網頁先驅、顧問和企業家。

目錄

第一部分 初步步驟

1 網頁應用程式安全

第二部分 減輕常見攻擊

2 跨站腳本 (XSS)

3 攻擊會話管理

4 跨站請求偽造

5 未經驗證的資料

6 SQL 注入 (及其他注入)

第三部分 安全資料儲存

7 儲存密鑰

8 處理密碼

第四部分 配置

9 HTTP 標頭

10 錯誤處理

11 日誌記錄和健康檢查

第五部分 認證與授權

12 使用 ASP.NET Core Identity 保護網頁應用程式

13 保護 API 和單頁應用程式

第六部分 安全作為一個過程

14 安全依賴項

15 審計工具

16 OWASP 前十名

作者簡介

Christian Wenz is a web pioneer, technology specialist, and entrepreneur. Since 1999, he has written close to 150 books on web technologies and related topics, which have been translated into ten languages. In his day job, he consults enterprises on digitization and Industry 4.0. A fixture at international developer conferences, he has presented on three continents. Christian has been an MVP for ASP.NET since 2004, is the lead author of the official PHP certification, and sporadically contributes to OSS projects. He holds university degrees in computer science and business informatics and is a two-time recipient of a Knuth award check.

作者簡介(中文翻譯)

Christian Wenz 是一位網路先驅、技術專家和企業家。自1999年以來,他撰寫了近150本有關網路技術及相關主題的書籍,這些書籍已被翻譯成十種語言。在他的日常工作中,他為企業提供有關數位化和工業4.0的諮詢服務。作為國際開發者會議的常客,他在三大洲進行過演講。自2004年以來,Christian 一直是 ASP.NET 的 MVP,並且是官方 PHP 認證的主要作者,偶爾也會為開源軟體(OSS)專案做出貢獻。他擁有計算機科學和商業資訊學的學位,並且兩次獲得 Knuth 獎的支票。

類似商品