Well done! You’ve learned everything you need to know to build secure applications with ASP.NET Core.
In Part 1, you learned about the most common types of attacks and the mechanisms ASP.NET Core provides to combat them:
Cross-site scripting and cross-site request forgery attacks:
How Razor, within ASP.NET Core, automatically helps prevent these attacks.
Open redirect attacks:
The helper methods .NET Core provides to help you protect your apps from them.
SQL injection:
How to create parameterized queries using .NET Core to prevent these attacks from occurring.
In Part 2, you learned to:
Authenticate users using both Entity Framework and third-party authenticators.
Restrict user access within your sites by using role-based authorization.
Extend the functionality of ASP.NET Core Identity to customize and personalize user accounts.
In Part 3, you learned to:
Build a data protection layer using the consumer APIs of the ASP.NET Core data protection stack.
Require your sites to be delivered over a secure internet protocol.
Implement SSL on your sites.
We’ve covered a lot of information here! As you continue to explore .NET Core, to build increasingly powerful web applications, and practice sound security principles using the knowledge you’ve gained in this course, you’ll establish yourself as a valuable asset to the .NET development community.
I hope you’ve enjoyed this course and that it serves you well in your continued learning.
As a final task before you move on to your next course, take a few minutes to assess what you’ve learned and complete the quiz for Part 3.
