How to secure web applications. 2023 edition.

.NET applications can be implemented in many ways and can be used as part of various solution architectures. Web applications with Javascript, or Typescript frontends require a trusted backend with good session protection. Applications with APIs can be secured using different OAuth2 flows, cookies, access tokens, certificates or even networks. This talk explores how ASP.NET Core applications can be secured and the correct security architecture to use for the defined business requirements.