From Pentest to 1.7 Million Downloads, Part 1: The Headers I'd Never Heard Of

JUN 26, 2026 | 25 MIN
The Modern .NET Show


Description

Strategic Technology Consultation Services

This episode of The Modern .NET Show is supported, in part, by RJJ Software's Strategic Technology Consultation Services. If you're an SME (Small to Medium Enterprise) leader wondering why your technology investments aren't delivering, or you're facing critical decisions about AI, modernization, or team productivity, let's talk.

Show Notes

Hey everyone, and welcome back to The Modern .NET Show; the premier .NET podcast, focusing entirely on the knowledge, tools, and frameworks that all .NET developers should have in their toolbox. I'm your host Jamie Taylor, bringing you conversations with the brightest minds in the .NET ecosystem.

Today's episode is a little different from the norm. I wanted to, temporarily, take you away from the "AI is the best thing ever/worst thing ever" news cycle, and talk to you about an open source project that I work on called "OwaspHeaders.Core".

This is the first in a two-part series about OwaspHeaders.Core and lays the groundwork for why I chose to create it. Part two will be more about how I went about creating it, and the lessons I learned along the way, which are not just about HTTP headers and building your own NuGet package, and some of the amazing contributions that the community has put in place.

The three main goals for this two-part series are to talk people through the real-world problem that exists in all web frameworks and how we can all work together to solve it, to talk you through what I believe good open source stewardship looks like, and to talk through what creating and publishing a NuGet package looks like.

Before we jump in, a quick reminder: if The Modern .NET Show has become part of your learning journey, please consider supporting us through Patreon or Buy Me A Coffee. Every contribution helps us continue bringing you these in-depth conversations with industry experts. You'll find all the links in the show notes.

Anyway, without further ado, let's sit back, open up a terminal, type in `dotnet new podcast` and we'll dive into the core of Modern .NET.

Full Show Notes

The full show notes, including links to some of the things we discussed and a full transcription of this episode, can be found at: https://dotnetcore.show/season-8/from-pentest-to-1-7-million-downloads-part-1-the-headers-id-never-heard-of/

Useful Links:
  OwaspHeaders.Core documentation
  OwaspHeaders.Core on NuGet
  OWASP Secure Headers Project
  Episodes featuring Tanya Janca:
    Episode 77 - Application Security
    Episode 105 - More App Security
    S07E11 - The Security Expert Speaks
  Troy Hunt
  securityheaders.com
  Abel Wang ("Don't Accept The Defaults")

Supporting the show:
  Leave a rating or review
  Buy the show a coffee
  Become a patron

Getting in Touch:
  Via the contact page
  Joining the Discord

Remember to rate and review the show on Apple Podcasts, Podchaser, or wherever you find your podcasts; this will help the show's audience grow. Or you can just share the show with a friend.

And don't forget to reach out via our Contact page. We're very interested in your opinion of the show, so please get in touch.

You can support the show by making a monthly donation on the show's Patreon page at: https://www.patreon.com/TheDotNetCorePodcast.

Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show.

Editing and post-production services for this episode were provided by MB Podcast Services.