T13 Hack Proofing Your Web Applications


3:00pm - 4:15pm

Level: Intermediate

Adam Tuliper

Principal Software Engineer, DX


It doesn't matter if you use only HTML/JavaScript, ASP.NET Web Forms or MVC, etc. Chances are your apps are doing something incorrectly. Developers are notoriously lax with including security in their applications. In an age of hacking, this talk aims to arm you with an arsenal of protections to use while developing. This presentation explores the most common attacks on Web applications, how they work to exploit your app, and most importantly, how to protect against them. Techniques such as Cross Site Scripting, Session Hijacking, Cross Site Request Forgery, and more will be covered. ASP.NET Web Forms and MVC will be covered as well as pure JavaScript/HTML applications, as both have pros and cons that will be explored. We will start with a 'broken' application and secure it throughout the presentation. Leave this presentation empowered to immediately start protecting your applications!

You will learn:

  • Why many existing applications can be hacked in some way
  • Details of common hack attacks in Web Applications (JavaScript, and HTML attacks that don't require any script)
  • Techniques for protecting applications against hack attacks