Under the Hood of the ASP .NET Core Security

There are few articles written about the built-in ASP.NET Core security features. Even official documentation has gaps. We’ll explore all common security features and I’ll explain how they work under the hood. If you use the good old ASP .NET, then information about security internals and security best practices will be useful for you. This talk will give you answers to following questions: How are modern anti-XSS techniques implemented? How to use them correctly? How to work with cookies safely? How was a CSRF prevention mechanism re-written? How to work with crypto algorithms correctly? Also, I will talk about my experience in .NET Core Bug Bounty Program. I recommend recalling OWASP Top 10 attacks before the talk.