Asp.Net Core Web API Security Checklist. TOP 3 Vulnerabilities And How To Fix Them

Показать описание

Security in Asp.Net Core web APIs is very important. We all know this, but sometimes we lose focus on security aspects that really matter. That's why in this video I present you and Asp.Net Core Web API Security checklist, with practical examples. Specifically we will look into the 3 OWASP mentioned vulnerabilities, including broken object level authorization, broken function level authorization and SQL injection.
#aspnetcore #dotnet #csharp #security #programming

Join this channel to get source code access and other perks:

Also follow me here (especially if you are a self taught developer):

Content
1. Intro: 00:00
2. Introducing OWASP: 00:29
3. Broken object level authorization: 01:07
4. What the problem is: 01:27
5. How to fix it: 02:59
6. Broken function level authorization: 06:40
7. How to fix it: 09:08
8. Other mitigations: 10:15
9. SQL injection: 11:00
10. How to fix it: 13:19
11. Conclusions: 14:38

My setup:

Codewrinkles

Рекомендации по теме

Комментарии

Thank you for such short and clear explanation, especially for practical examples

Tolmachovtv

Very much practical and well explained.

asiridissanayaka

Love the fact you actually demonstrated these security concepts with code. Thank you! Also for the Broken Object Level Authorization example could we alternatively embed the shopId into the jwt token or cookie as a claim on login then the subsequent requests to the "revenue" endpoint can use this shopId to fetch revenue?

uzayrsyed

I have been thinking about this more and more should I be encrypting the payload I always have ssl and all but most of the times im passing jason data.

dotnetdevni

Security is important, but who is sending id in the header? It is dumb. Token should be created and encrypted during login. Only token contains information for authentication and authorization

hifirulezzz

Asp.Net Core Web API Security Checklist. TOP 3 Vulnerabilities And How To Fix Them

.NET 🚀🔥 : API Security: A Comprehensive Guide to Safeguarding Your APIs with API Keys

Adding JWT Authentication & Authorization in ASP.NET Core

.NET 8 Authentication with Identity in a Web API with Bearer Tokens & Cookies 🔒

Asp.Net Core Web API Security Checklist. TOP 3 Vulnerabilities And How To Fix Them

ASP.NET Core Web API Authentication and Authorization with JWT (Json Web Token)

ASP.NET Authentication using Identity in 10 Minutes - Authentication and Authorization in .NET8

Secure Web API using Authorize attribute | ASP.NET Core 5.0 Web API Tutorial

ASP.NET Core WebAPI Authentication And Authorization Made EASY

Part4️⃣- Policy-Based Authentication & Rate Limiting |🚀Master Microservices with YARP Reverse Pr...

How To Implement API Key Authentication In ASP.NET Core

Introduction To Permission Authorization In ASP.NET Core 7 | Permission Authorization - Part 1

Token Authentication In ASP.NET Core 7 With JWT | Clean Architecture

Implementing API Key Authentication in ASP.NET Core

How to Use Multiple Authentication Schemes in ASP.NET Core Web API

Create Asp.Net Core Web API with JWT Authentication And Authorization [Complete Tutorial]

Asp Net Core - Rest API Authorization with JWT (Roles Vs Claims Vs Policy) - Step by Step

Way of Web API Security in ASP.NET CORE

ASP.NET Core Web API Best Practices

Asp.Net Core AUTHORIZATION Made EASY

Learn Key based API Authentication in 8 Minutes | .Net Core C# | KeyBasedApiAuthentication | Sukhraj

Authorization in ASP .NET Core Web API with Identity | .Net 8

ASP NET Web API token authentication

#101: Secure Web Api using Authorize Attribute in Asp.Net Core Web API Application.

Understanding Role-Based Access Control with ASP.NET Web APIs | .NET Conf 2023