• No products in the cart.


Securing ASP.Net Web Services is a lab-intensive, hands-on .Net security training course, essential for experienced enterprise developers who need to produce secure ASP.Net-based web services.

Course Access

Unlimited Duration

Last Updated

March 11, 2021

Students Enrolled

Total Reviews

Posted by

Securing ASP.Net Web Services will help you to learn the skills required to recognize actual and potential software vulnerabilities, implement defenses for those vulnerabilities, and test those defenses for sufficiency.  In this course you will learn about:

· Understand the consequences for not properly handling untrusted data such as denial of service, cross-site scripting, and injections

· Be able to test web applications with various attack techniques to determine the existence of and effectiveness of layered defenses

· Prevent and defend the many potential vulnerabilities associated with untrusted data

· Understand the concepts and terminology behind supporting, designing, and deploying secure services

· Appreciate the magnitude of the problems associated with service security and the potential risks associated with those problems

· Understand the currently accepted best practices for supporting the many security needs of services.

· Understand the vulnerabilities associated with authentication and authorization within the context of web services

· Be able to detect, attack, and implement defenses for authentication and authorization functionality

· Understand the dangers and mechanisms behind Cross-Site Scripting (XSS) and Injection attacks

· Be able to detect, attack, and implement defenses against XSS and Injection attacks

· Understand the concepts and terminology behind defensive, secure, coding

· Understand the use of Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets

· Perform both static code reviews and dynamic application testing to uncover vulnerabilities in C#-based web services

· Design and develop strong, robust authentication and authorization implementations within the context of ASP.Net

· Understand the fundamentals of XML Digital Signature as well as how it can be used as part of the defensive infrastructure for web services

· Understand the fundamentals of XML Encryption as well as how it can be used as part of the defensive infrastructure for web services

· Understand and defend vulnerabilities that are specific to XML and XML parsers

Course Curriculum

    • Why Hunt Bugs? 00:00:00
    • Safe and Appropriate Bug Hunting/Hacking 00:00:00
    • Removing Bugs 00:00:00
    • Principles of Information Security 00:00:00
    • Service Challenges 00:00:00
    • Services and Security 00:00:00
    • Defending Web Services 00:00:00
    • Defending Rich Interfaces and REST 00:00:00
    • Unvalidated Data 00:00:00
    • Injection 00:00:00
    • Broken Authentication 00:00:00
    • Sensitive Data Exposure 00:00:00
    • XML External Entities (XXE) 00:00:00
    • Broken Access Control 00:00:00
    • Security Misconfiguration 00:00:00
    • Cross Site Scripting (XSS) 00:00:00
    • Deserialization/Vulnerable Components 00:00:00
    • Insufficient Logging and Monitoring 00:00:00
    • Spoofing, CSRF, and Redirects 00:00:00
    • What Next? 00:00:00
    • .NET Issues and Best Practices 00:00:00
    • Cryptography Overview 00:00:00
    • .NET Cryptographic Services 00:00:00

    Course Reviews

    Profile Photo
    ashar hafeez


    About Instructor


    Course Events


    More Courses by Insturctor

    © 2021 Ernesto.  All rights reserved.