In this course, you will learn about ASP.NET MVC and Web API code security issues that affect MVC and Web API applications. You’ll learn methods to protect your application from attacks against MVC’s model-binding behavior, as well as methods to protect your application from cross-site scripting, cross-site request forgery, and malicious URL redirects. You will also understand the Web API pipeline and how to implement authentication and authorization in Web API applications.
On successful completion of this course, learners should have the knowledge and skills to identify common ASP.NET vulnerabilities and attacks.
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.