Secure Programming for the Enterprise in .NET and .NET Core
Not encrypting your data is a risky move and just relying on hope that you won't get hacked and compromised is not a winning strategy. As a software developer you have a duty to your employer to secure and protect their data. In this workshop, you will learn how to use the .NET Framework / .NET Standard 2 (.Net Core 2) to protect your data to satisfy confidentiality, integrity, non-repudiation, and authentication.
In this 2 day workshop we will take a practical approach to adding cryptographic security to your applications. Cryptography is generally regarded as being very hard to implement, but in this workshop we will show you that it is in fact very easy to do when you are given the right direction.
We will cover the following subjects:
Day 1:
- Generating cryptographically secure random numbers
- Hashing of data
- Authenticated hashing of data
- The best way to store passwords
- Storing passwords with Password Based Key Derivation Functions
- Symmetric Encryption with AES
- Asymmetric Encryption with RSA
- Digital Signatures
- Hybrid Encryption
- Using RSA and AES together to create a powerful and flexible encryption scheme
- Hybrid Encryption with Authenticated Hashing for Integrity
- Digitally signing Hybrid Encryption Data
Day 2:
- Review principles from Day 1
- Look at secure key management using Azure Key Vault
- Look at some reference examples that use the principles from Day 1
- Work on a small project to practically use
This is a practical workshop where you will be playing around with all the techniques discussed. We aim to demystify the complexity around using robust encryption and you will leave this workshop with all the knowledge and skills to robustly secure your organisations data.
Prerequisites
You will need to be a competent C# developer. You don't need to be an expert, but you need to be familiar with the basic C# constructs.
Computer Setup
You will need to supply your own laptop that has:
- Visual studio 2019 installed. Community edition is fine or Visual Studio for MAC
- You can use JetBrains Rider if you wish on Windows / Linux
Stephen is also an experienced software developer with a focus on .NET technologies and security for back end enterprise systems. He is also a Pluralsight author, blogger at www.stephenhaunts.com and international conference speaker, speaking at events like NDC London, NDC Oslo, Techorama and SDD Conf. He also co runs a user group called Derbyshire Dot Net.