At some point, you will or should have your web applications submitted to a penetration test or security assessment. In this test, a team of security engineers will poke your API and Web Apps to see if they can get different results than expected.

But have no fear! I will show you how you can harden your web applications by addressing a lot of common risks:
- fingerprinting
- proper use of cookies
- adding several security-related HTTP headers

In this session, I'll demonstrate hardening ASP.NET Core web apps, but you can also apply this knowledge to other web application technologies.