Security is an afterthought with most developers. A common problem is that most web applications can be easily hacked. This presentation explores the most common attacks on web applications, how they work to exploit your app, and most importantly, how to protect against them. Techniques such as Cross Site Scripting, SQL Injection, Session Hijacking, and Cross Site Request Forgery will be covered. ASP.NET Web Forms and ASP.NET Model-View-Controller (MVC) will be covered, as both have pros and cons that will be explored. We will start with a ‘broken’ application and secure it throughout the presentation. Learn about the various tools, techniques, and libraries to help protect your applications!
Adam Tuliper is a software architect with Cegedim and has been developing software for over 16 years. He’s a Certified Scrum Master and MCPD Enterprise Applications Developer. Adam started his work in security and reverse engineering (x86 based – pre .NET) with the direction of going into the software protection and anti-piracy field. He has been deeply involved in .NET internals since early .NET beta and currently works extensively with WCF, ASP.NET, SQL Server, MVC, C#, jQuery, and Silverlight. Adam is an INETA Community Speaker and speaks at Tech Ed, .NET User Groups, and other events. Besides development, he has performed security audits and penetration testing for large and small companies alike and really really likes security.