ABP Framework / .NET Consulting
ABP Framework across the full stack: backend architecture, DDD boundaries, multi-tenancy, subscription systems, and microservice infrastructure, applied across 10+ distinct production systems at different scales.
Deeper ABP expertise than the framework demos show you
I've replaced ABP's default LeptonX theme entirely, extended its subscription and permission systems, and designed reusable module boundaries across multiple production products, in traditional monolith, modular monolith, CQRS, and microservices architectures.
- Architecture reviews and codebase audits
- Legacy modernization without breaking what already works
- DDD refactoring and module boundary design
- Full security assessment remediation
- Team onboarding and ABP best-practice standardization
- Architecture review with concrete recommendations
- DDD refactoring plan or implementation
- Security hardening (auth, CSRF, CSP, JWT hygiene)
- Team workshops and onboarding docs
- Migration plan for monolith to modular to microservices
Case Studies
Security Assessment Remediation
- Led full remediation after a third-party penetration test returned 4 critical and 6 high-severity findings
- Delivered HttpOnly cookie auth migration, stateless HMAC-signed CSRF tokens, a CSP campaign across Stripe/hCaptcha/iframe integrations, JWT claim hygiene, and impersonation-grant dual-auth hardening
- Classified 688 of 1,786 Swagger paths as sensitive as part of the audit
10+ Production ABP Systems
- Replaced ABP's default LeptonX theme entirely across multiple products
- Extended ABP's subscription and permission systems beyond framework defaults
- Designed reusable module boundaries enforced via dependency inversion, not convention alone
- More on how I weigh these architecture calls: do you actually need microservices? →
Stack & Technologies
FAQ
What makes your ABP Framework expertise different from a general .NET developer's?
Depth across 10+ distinct production ABP systems at different scales and architectures: I've replaced the default LeptonX theme entirely, extended the subscription and permission systems beyond their defaults, and designed module boundaries enforced through dependency inversion rather than convention.
Can you review an existing ABP/.NET codebase before we commit to a direction?
Yes. Architecture reviews and codebase audits are a standalone service, independent of whether you also want implementation work.
Do you handle security assessments and remediation?
Yes. I led full remediation of a third-party pentest with 4 critical and 6 high-severity findings on a production ABP + Angular system: HttpOnly cookie migration, CSRF, CSP, JWT hygiene, and OAuth grant hardening, going well beyond patching the obvious findings.
Should we use a modular monolith or microservices?
For most products, the modular monolith is the stronger choice: it's simpler to operate, and a well-designed one handles significant traffic. Microservices earn their complexity from independent deployment and team autonomy needs, not from assumptions about future scale. I have production experience with both and can help you make that call against your actual constraints.
Need deep ABP Framework or .NET expertise?
Whether it's a review, a security remediation, or hands-on implementation, let's talk about your system.
Start a conversation →