SQL injection is a common attack vector that remains one of the most prevalent security risks for applications today. One of the reasons SQL injection attacks are so pervasive is the fact that injection vulnerabilities are very easy for attackers to discover and exploit, sometimes with devastating consequences. On the other hand, mitigating SQL injection…
Tag: ASP.NET Core
IdentityServer is the de-facto security token service for ASP.NET and ASP.NET Core web applications and it is hugely popular within the .NET community. One of the most important security requirements to consider when setting up IdentityServer is the creation of a key (typically an X.509 certificate) which is used to cryptographically sign and validate tokens…
Now, more than ever before, employing security best practices from the start is an absolute must when developing modern web applications. The threat landscape has evolved continuously over the last number of years, however, so have the protection mechanisms which we as software developers can avail of to guard our applications against attackers. In this…
InWeb
If you’re looking for a caching solution to help speed up a web application and Azure is your cloud platform of choice, it makes sense to use Azure Cache for Redis. Azure Cache for Redis is a secure, scalable, and reliable cloud-hosted caching solution. It is based on the very popular open-source Redis database cache…
InWeb
If you have experience with ASP.NET but have only recently started building web applications with ASP.NET Core, you may have noticed that some of the features you are used to having during development, appear to be missing. One of the first things you are likely to notice when you start off with a new ASP.NET…
InSecurity
For any application which is hosted on the web, it is essential that security is built in from the start. Enabling your web application to serve secure traffic over HTTPS and enforcing this policy is one of the first things that you should implement and this is just as important for web apps as it…
InAPIs
Having already introduced the concept of gRPC services and having walked through how to consume a gRPC service using .NET Core, I’m now going to cover the next most fundamental topics; authentication and authorization. For production applications, your API endpoints are normally going to be available publicly and therefore they need to be protected from…
InAPIs
In a prior post, I introduced the key concepts behind using gRPC to develop an RPC service and walked through the process of creating a sample project. In this article, I build on the previously discussed topics by adding an additional service and a client to the sample project. After reading through the content below,…
InAPIs
Before we begin, here’s a quick definition of the term “Get to grips” to mull over. to make an effort to understand and deal with a problem or situation If you’re looking into micro-service communication options for a greenfield project, gRPC is a great place to start. In this article, I take a first look at…