Secure Programming for the Enterprise in .NET, .NET Core and Future
Not encrypting your data is a risky move and just relying on hope that you won't get hacked and compromised is not a winning strategy. As a software developer you have a duty to your employer to secure and protect their data. In this workshop, you will learn how to use the .NET Framework / .NET Standard 2 (.Net Core 2) and above to protect your data to satisfy confidentiality, integrity, non-repudiation, and authentication.
In this 2 day workshop we will take a practical approach to adding cryptographic security to your applications.
Cryptography is generally regarded as being very hard to implement, but in this workshop we will show you that it is in fact very easy to do when you are given the right direction.
We will cover the following subjects:
- Generating cryptographically secure random numbers
- Hashing of data
- Authenticated hashing of data
- The best way to store passwords
- Storing passwords with Password Based Key Derivation Functions
- Symmetric Encryption with AES
- Asymmetric Encryption with RSA
- Digital Signatures
- Hybrid Encryption
- Using RSA and AES together to create a powerful and flexible encryption scheme
- Hybrid Encryption with Authenticated Hashing for Integrity
- Digitally signing Hybrid Encryption Data
- Review principles from Day 1
- Look at secure key management using Azure Key Vault
- Look at some reference examples that use the principles from Day 1
This is a practical workshop where you will be playing around with all the techniques discussed. We aim to demystify the complexity around using robust encryption and you will leave this workshop with all the knowledge and skills to robustly secure your organisations data.
- You will need to be a competent C# developer. You don't need to be an expert, but you need to be familiar with the basic C# constructs.
- You will need to supply your own laptop that has:
- Visual studio 2019 installed. Community edition is fine or Visual Studio for MAC
- You can use JetBrains Rider if you wish on Windows / Linux
Stephen Haunts is an independent software developer, Pluralsight Author, Writer for APress, and classroom trainer. Stephen has had a long career working in computer games, banks, retail finance, insurance and healthcare and is now passionate about helping other developers, and professionals succeed in their careers.
Stephen has authored over 14 courses for Pluralsight, written a book on Cryptography for APress, and has spoken and taught workshops at conferences and companies all over the world.
Stephen is also the host of the popular business podcast, the Side Hustle Success Podcast.