語系:
繁體中文
English
說明(常見問題)
圖資館首頁
登入
回首頁
切換:
標籤
|
MARC模式
|
ISBD
Advanced ASP.NET Core 3 Securityunde...
~
Norberg, Scott.
Advanced ASP.NET Core 3 Securityunderstanding hacks, attacks, and vulnerabilities to secure your website /
紀錄類型:
書目-電子資源 : Monograph/item
正題名/作者:
Advanced ASP.NET Core 3 Securityby Scott Norberg.
其他題名:
understanding hacks, attacks, and vulnerabilities to secure your website /
作者:
Norberg, Scott.
出版者:
Berkeley, CA :Apress :2020.
面頁冊數:
xx, 405 p. :ill., digital ;24 cm.
Contained By:
Springer Nature eBook
標題:
Web sitesSecurity measures.
電子資源:
https://doi.org/10.1007/978-1-4842-6014-2
ISBN:
9781484260142$q(electronic bk.)
Advanced ASP.NET Core 3 Securityunderstanding hacks, attacks, and vulnerabilities to secure your website /
Norberg, Scott.
Advanced ASP.NET Core 3 Security
understanding hacks, attacks, and vulnerabilities to secure your website /[electronic resource] :by Scott Norberg. - Berkeley, CA :Apress :2020. - xx, 405 p. :ill., digital ;24 cm.
Chapter 1: Introducing ASP.NET Core -- Chapter 2: General Security Concepts -- Chapter 3: Cryptography -- Chapter 4: Web Security Concepts -- Chapter 5: Understanding Common Attacks -- Chapter 6: Processing User Input -- Chapter 7: Authentication and Authorization -- Chapter 8: Data Access and Storage. - Chapter 9: Logging and Error Handling -- Chapter 10: Setup and Configuration -- Chapter 11: Secure Application Life Cycle Management.
Incorporate security best practices into ASP.NET Core. This book covers security-related features available within the framework, explains where these feature may fall short, and delves into security topics rarely covered elsewhere. Get ready to dive deep into ASP.NET Core 3.1 source code, clarifying how particular features work and addressing how to fix problems. For straightforward use cases, the ASP.NET Core framework does a good job in preventing certain types of attacks from happening. But for some types of attacks, or situations that are not straightforward, there is very little guidance available on how to safely implement solutions. And worse, there is a lot of bad advice online on how to implement functionality, be it encrypting unsafely hard-coded parameters that need to be generated at runtime, or articles which advocate for certain solutions that are vulnerable to obvious injection attacks. Even more concerning is the functions in ASP.NET Core that are not as secure as they should be by default. Advanced ASP.NET Core 3 Security is designed to train developers to avoid these problems. Unlike the vast majority of security books that are targeted to network administrators, system administrators, or managers, this book is targeted specifically to ASP.NET developers. Author Scott Norberg begins by teaching developers how ASP.NET Core works behind the scenes by going directly into the framework's source code. Then he talks about how various attacks are performed using the very tools that penetration testers would use to hack into an application. He shows developers how to prevent these attacks. Finally, he covers the concepts developers need to know to do some testing on their own, without the help of a security professional. What You Will Learn Discern which attacks are easy to prevent, and which are more challenging, in the framework Dig into ASP.NET Core 3.1 source code to understand how the security services work Establish a baseline for understanding how to design more secure software Properly apply cryptography in software development Take a deep dive into web security concepts Validate input in a way that allows legitimate traffic but blocks malicious traffic Understand parameterized queries and why they are so important to ASP.NET Core Fix issues in a well-implemented solution Know how the new logging system in ASP.NET Core falls short of security needs Incorporate security into your software development process This book is for software developers who have experience creating websites in ASP.NET and want to know how to make their websites secure from hackers and security professionals who work with a development team that uses ASP.NET Core. A basic understanding of web technologies such as HTML, JavaScript, and CSS is assumed, as is knowledge of how to create a website, and how to read and write C#. You do not need knowledge of security concepts, even those that are often covered in ASP.NET Core documentation. Scott Norberg is a web security specialist currently based in the Seattle, Washington area. He has almost 15 years of experience successfully delivering software products in a wide range of roles. As a security consultant, he has experience with many testing tools and techniques, including Dynamic (DAST) and Static (SAST) testing, as well as manual testing and reviewing source code. Along with the many websites he has designed and built with various versions of ASP.NET, he has performed security assessments for many more. While his language of choice is C#, he has also built websites, components, and other tools in F#, VB.NET, Python, R, Java, and Pascal. He holds several certifications, including Microsoft Certified Technology Specialist (MCTS), certifications for ASP.NET and SQL Server, and a Certified Information Systems Security Professional (CISSP) certification. He also has an MBA from Indiana University.
ISBN: 9781484260142$q(electronic bk.)
Standard No.: 10.1007/978-1-4842-6014-2doiSubjects--Uniform Titles:
Microsoft .NET Framework.
Subjects--Topical Terms:
231025
Web sites
--Security measures.
LC Class. No.: QA76.76.M52 / N673 2020
Dewey Class. No.: 004.165
Advanced ASP.NET Core 3 Securityunderstanding hacks, attacks, and vulnerabilities to secure your website /
LDR
:05401nmm a2200325 a 4500
001
589078
003
DE-He213
005
20210205101153.0
006
m d
007
cr nn 008maaau
008
210525s2020 cau s 0 eng d
020
$a
9781484260142$q(electronic bk.)
020
$a
9781484260166$q(paper)
024
7
$a
10.1007/978-1-4842-6014-2
$2
doi
035
$a
978-1-4842-6014-2
040
$a
GP
$c
GP
041
0
$a
eng
050
4
$a
QA76.76.M52
$b
N673 2020
072
7
$a
UMP
$2
bicssc
072
7
$a
COM051380
$2
bisacsh
072
7
$a
UMP
$2
thema
082
0 4
$a
004.165
$2
23
090
$a
QA76.76.M52
$b
N822 2020
100
1
$a
Norberg, Scott.
$3
880789
245
1 0
$a
Advanced ASP.NET Core 3 Security
$h
[electronic resource] :
$b
understanding hacks, attacks, and vulnerabilities to secure your website /
$c
by Scott Norberg.
260
$a
Berkeley, CA :
$b
Apress :
$b
Imprint: Apress,
$c
2020.
300
$a
xx, 405 p. :
$b
ill., digital ;
$c
24 cm.
505
0
$a
Chapter 1: Introducing ASP.NET Core -- Chapter 2: General Security Concepts -- Chapter 3: Cryptography -- Chapter 4: Web Security Concepts -- Chapter 5: Understanding Common Attacks -- Chapter 6: Processing User Input -- Chapter 7: Authentication and Authorization -- Chapter 8: Data Access and Storage. - Chapter 9: Logging and Error Handling -- Chapter 10: Setup and Configuration -- Chapter 11: Secure Application Life Cycle Management.
520
$a
Incorporate security best practices into ASP.NET Core. This book covers security-related features available within the framework, explains where these feature may fall short, and delves into security topics rarely covered elsewhere. Get ready to dive deep into ASP.NET Core 3.1 source code, clarifying how particular features work and addressing how to fix problems. For straightforward use cases, the ASP.NET Core framework does a good job in preventing certain types of attacks from happening. But for some types of attacks, or situations that are not straightforward, there is very little guidance available on how to safely implement solutions. And worse, there is a lot of bad advice online on how to implement functionality, be it encrypting unsafely hard-coded parameters that need to be generated at runtime, or articles which advocate for certain solutions that are vulnerable to obvious injection attacks. Even more concerning is the functions in ASP.NET Core that are not as secure as they should be by default. Advanced ASP.NET Core 3 Security is designed to train developers to avoid these problems. Unlike the vast majority of security books that are targeted to network administrators, system administrators, or managers, this book is targeted specifically to ASP.NET developers. Author Scott Norberg begins by teaching developers how ASP.NET Core works behind the scenes by going directly into the framework's source code. Then he talks about how various attacks are performed using the very tools that penetration testers would use to hack into an application. He shows developers how to prevent these attacks. Finally, he covers the concepts developers need to know to do some testing on their own, without the help of a security professional. What You Will Learn Discern which attacks are easy to prevent, and which are more challenging, in the framework Dig into ASP.NET Core 3.1 source code to understand how the security services work Establish a baseline for understanding how to design more secure software Properly apply cryptography in software development Take a deep dive into web security concepts Validate input in a way that allows legitimate traffic but blocks malicious traffic Understand parameterized queries and why they are so important to ASP.NET Core Fix issues in a well-implemented solution Know how the new logging system in ASP.NET Core falls short of security needs Incorporate security into your software development process This book is for software developers who have experience creating websites in ASP.NET and want to know how to make their websites secure from hackers and security professionals who work with a development team that uses ASP.NET Core. A basic understanding of web technologies such as HTML, JavaScript, and CSS is assumed, as is knowledge of how to create a website, and how to read and write C#. You do not need knowledge of security concepts, even those that are often covered in ASP.NET Core documentation. Scott Norberg is a web security specialist currently based in the Seattle, Washington area. He has almost 15 years of experience successfully delivering software products in a wide range of roles. As a security consultant, he has experience with many testing tools and techniques, including Dynamic (DAST) and Static (SAST) testing, as well as manual testing and reviewing source code. Along with the many websites he has designed and built with various versions of ASP.NET, he has performed security assessments for many more. While his language of choice is C#, he has also built websites, components, and other tools in F#, VB.NET, Python, R, Java, and Pascal. He holds several certifications, including Microsoft Certified Technology Specialist (MCTS), certifications for ASP.NET and SQL Server, and a Certified Information Systems Security Professional (CISSP) certification. He also has an MBA from Indiana University.
630
0 0
$a
Microsoft .NET Framework.
$3
797678
650
0
$a
Web sites
$x
Security measures.
$3
231025
650
0
$a
Microsoft software.
$3
310638
650
0
$a
Data protection.
$3
202312
650
1 4
$a
Microsoft and .NET.
$3
760507
650
2 4
$a
Security.
$3
760527
710
2
$a
SpringerLink (Online service)
$3
273601
773
0
$t
Springer Nature eBook
856
4 0
$u
https://doi.org/10.1007/978-1-4842-6014-2
950
$a
Professional and Applied Computing (SpringerNature-12059)
筆 0 讀者評論
全部
電子館藏
館藏
1 筆 • 頁數 1 •
1
條碼號
館藏地
館藏流通類別
資料類型
索書號
使用類型
借閱狀態
預約狀態
備註欄
附件
000000191615
電子館藏
1圖書
電子書
EB QA76.76.M52 N822 2020 2020
一般使用(Normal)
在架
0
1 筆 • 頁數 1 •
1
多媒體
多媒體檔案
https://doi.org/10.1007/978-1-4842-6014-2
評論
新增評論
分享你的心得
Export
取書館別
處理中
...
變更密碼
登入