When developing a .NET Core application a large portion of the application itself consists of external 3rd party dependencies which can be fetched from a package repository like Microsoft's NuGet. How do those opensource projects/dependencies deal with security problems? We do need to keep an eye on security updates done in order to not introduce any unnecessary security risks into our application but will that be sufficient?
Finding and resolving security issues can take a lot of time and what about a compromised package in which a contributor has added functionality which has got malicious intent?
There is definitely a away we can improve the above and do a better job! In this session we'll take a look at e.g. best practices, architectures, compartmentalization and API review/reduction of those dependencies in order to reduce the security risks of our developed .NET Core Applications.
![GS twenty two - NoBoDy [lyrics Video]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_v0KQnzunpr-R8S2839vNpdfW8Yt9ZEOIg9bqUeUV14TE8spChY6Fby9Ey7_IfgJH1sOX-HFsRVADmUuUOdRU0qZkYxFBoO2mvBQRZIoAEf3pxE=w680)
0 Comments