Explore the security aspects of building ASP.NET Core MVC applications in this 32-minute conference talk from AppSecUSA 2017. Delve into the default security features of ASP.NET Core, a new open-source and cross-platform framework, and learn how it addresses common vulnerabilities like Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF). Discover the framework's modular approach and its flexibility in creating secure solutions across Windows, Mac, and Linux platforms. Gain insights from security researcher Niels Tanis as he examines the framework's APIs, demonstrates how to extend security measures, and shows how to validate existing solutions. Cover topics including controllers, data processing, input validation, SameSite cookies, and code analysis limitations. Enhance your understanding of secure application development in the context of ASP.NET Core MVC.