Application Security Workshop
sortie
Description Day 1 (Wednesday, 5th March 2025) Day one of the workshop shows how authentication, authorization and security requirements can be implemented using ASP.
NET Core and DevOps with different identity providers.
Some of the different approaches when implementing these in SPAs, or ASP.
NET Core Razor/MVC will be explained, as well as the different OpenID Connect/OAuth flows which should be used or can be used for these types of solutions.
Application Security Overview The module gives an overview of application security architecture and explains some of the topics from a top-level perspective.
The different areas of applications security will be explained as well as best practice for multi factor authentication.
OpenID Connect, OAuth2 flows This module explains the best practices for implementing OAuth and OpenID Connect in a software.
The recommended flows and how they work will be highlighted and the attendees show gain a clear knowledge of when to use which flow for which application type.
DevOps Security In the DevOps Security part, the focus is on possible attack vectors in the development process and how these can be mitigated in general and detected in relation to the source code using static security testing.
Protecting the session, client Learn how your session can be attacked even if your authentication flow is perfect.
Team up with your browser and learn about important security headers.
In the exercises, you will demonstrate multiple attacks on an application and learn how to mitigate them.
API Authorization This module looks at implementing authorization for APIs, exploring the different ways to secure the APIs, for example cookies, self-contained access tokens or reference tokens and introspection.
Securing SPA applications Securing single page applications is hard.
This is no common recommended best practice for ...
Isolutions Bern
Bern
SWITZERLAND
Le blog de umoovEvénements et activités à proximité
