NEBytes

North East Bytes - Microsoft Technology Usergroup in the North East of England

NEBytes April 2016: .NET MVC Security with John Staveley

This month we happen to line up the day before the Microsoft Web Platform roadshow hits town (more info here - mswebday.net). As such we have our own webby topic ready for you and are delighted to have John Staveley coming up from Leeds who will be taking over both sessions with his master class on:

.NET MVC Website Security - John Staveley

The number and frequency of attacks on websites in the news is increasing steadily and effects can be devastating. However for each company that you hear about there are many more who cover up or are unaware of breaches on their sites. Thus what you hear about in the news represents just the tip of the iceburg. This primer session on security focusses on the major risks and the practical steps you can take now in your software development to protect an ASP.Net Mvc website from the major threats in the web today and will include code you can take away and implement in your own sites. Each type of attack will be introduced in a technology agnostic way, then highlighted with some case studies using major breaches as examples, then finally countermeasures which you can use will be proposed for each risk. The attacks I will be looking at are:

  • SQL Injection
  • Session hijacking
  • Password hacking
  • Weak account management
  • XSS
  • Insecure direct object references
  • Misconfiguration
  • Sensitive data exposure
  • Missing Function Level Access Control
  • CSRF
  • Unvalidated redirects and forwards
  • Form overposting
  • DDOS
  • Social Engineering

A sample code project is included as part of the talk which helps mitigate against all of these threats and more.

---

Eventbrite - NEBytes April 2016: .NET MVC Security with John Staveley

Pingbacks and trackbacks (1)+

Comments are closed
NEBytes October 2011–Denali What Can I Tell You?

NEBytes

North East Bytes - Microsoft Technology Usergroup in the North East of England

NEBytes October 2011–Denali What Can I Tell You?

Join North East Bytes for the first event in what is the outstanding month of October!

We are pleased to welcome Andrew Fryer from Microsoft UK's Developer and Platform Group to give us the low down on SQL Server Denali

Date: Thursday 6th October 2011

Time: 18:30-21:00

Denali - What Can I Tell You?

Denali is the next release of SQL Server. It builds on the three themes of the previous version:

  • Scalability and Availability
  • Unstructured Data
  • Business Intelligence

So I am going to dive into each of these as far as I can at the moment and give you and idea of what's coming up in the public beta

Andrew Fryer

I'm a technical evangelist at Microsoft UK. What this means is that I spend my time explaining the future to IT Professionals who do data management and data centre administration. There are just under a million IT Professionals in the UK, and to reach all of these I spend a lot of time online: On my blog, doing webcasts and the usual social media channels (Twitter, Facebook). However I love going to community events to swap stories and to try and help get the most out of Microsoft technologies.

Location

The event will be hosted in Room 120 of the Claremont Building at Newcastle University. For a detailed campus map - http://www.ncl.ac.uk/documents/Campus-Map-Print.pdf (Identified by number 32 on the maps).

Register for NEBytes October 2011 - Denali What Can I Tell You? in Newcastle Upon Tyne, United Kingdom  on Eventbrite

Pingbacks and trackbacks (1)+

Comments are closed