Ever wonder if simply deploying an HTTPS certificate is enough to ensure
your web application is secure? Think again! In this session, we'll take you on a journey from creating a public-facing HTTP application to securing the browser environment that powers it.

We'll explore some game-changing, free, and open-source packages and resources that will elevate your web application's security without breaking the bank. We'll cover the latest OWASP-recommended HTTP headers, their benefits, and how to implement them in an ASP.NET Core-based application.

No prior knowledge is required – just a willingness to learn! We'll walk you through the process of adding these essential headers manually and then demonstrate how to use the powerful OwaspHeaders.Core NuGet package to streamline the process with just one line of code. By the end of this 45-minute session, you'll be able to impress your colleagues and friends with a web application that's been fortified against common security threats.

Key Takeaways:

- Understand the importance of securing the browser environment
- Learn how to implement OWASP-recommended HTTP headers in an ASP.NET Core-based application
- Discover how to use the OwaspHeaders.Core NuGet package for easy, automated header implementation
- Get hands-on experience with implementing security best practices that will make you a hero in the eyes of AppSec teams and regulators alike!

Target audience: web developers (full stack, front-end, and back-end devs)
Technical requirements: working internet connection that presenter can use