Troy Hunt Secures ASP.NET
Carl and Richard talk to Troy Hunt about ASP.NET Security. Troy is an advocate of the Open Web Application Security Project (OWASP) and wrote a set of blog post applying the top ten exploits to ASP.NET. Troy walks through all ten exploits and how they apply to ASP.NET. He's also rolled the posts together into a PDF file - have a listen and a read!
Guests:
Troy Hunt
Troy Hunt is a Pluralsight author, Microsoft Regional Director and MVP and a world-renowned internet security specialist. He spends his time travelling the world speaking and running workshops where he teaches developers how to break into their own systems before helping to piece them back together to be secure against today’s online threats. He’s also the creator of “Have I been pwned?”, the free online service for breach monitoring and notifications. Troy regularly blogs at troyhunt.com from his home on the Gold Coast in Australia.
Links:
- Troy's Blog http://www.troyhunt.com/
- Open Web Application Security Project https://www.owasp.org/index.php/Main_Page
- OWASP Top 10 for .NET Developers PDF http://asafaweb.com/OWASP%20Top%2010%20for%20.NET%20developers.pdf
- RunAs Episode on TLS Certificate Breaches http://runasradio.com/default.aspx?showNum=229
- Automated Security Analyzer for ASP.NET Websites http://asafaweb.com/