Defence in depth implementation

Source code samples for "Defence in Depth" articles and presentations.

This is an accompanying implementation of a secure REST API in ASP.NET Core 7 that follows the series of articles found at:

https://securityblog.omegapoint.se

An article that covers these concepts exactly can be found at:

https://securityblog.omegapoint.se/en/secure-apis-by-design

Presentation of this material can be found at YouTube:

https://www.youtube.com/watch?v=5nQ00_z0hF4 (NDC Oslo 2021, demos in ASP.NET Core 6)

https://www.youtube.com/watch?v=_7fFm8e8UpM (Jfokus 2022, demos in Java 17 with Maven and Spring Security)

Java repo at https://github.com/Omegapoint/defence-in-depth-java

Video recordings of additional "Defence in Depth" presentations (in Swedish) can be found at:

https://omegapoint.se/academy-plus

The approach follows that of the book "Secure by Design":

https://www.manning.com/books/secure-by-design

The repo also contains a token service for demo and education purposes built with Duende Identity Server:

https://github.com/DuendeSoftware/IdentityServer