Web

TH06 Hack Proofing Your ASP.NET Web Forms and MVC Applications

03/29/2012

9:30 am - 10:45 am

Level: Introductory to Intermediate

Adam Tuliper

Principal Software Engineer, DX

Microsoft

Developers are notoriously lax with including security in their applications. In an age of hacking, this talk aims to arm the developer with an arsenal of protections to use while developing. This presentation explores the most common attacks on web applications, how they work to exploit your app, and most importantly, how to protect against them. Techniques such as Cross Site Scripting, SQL Injection, Session Hijacking, and Cross Site Request Forgery will be covered. ASP.NET Web Forms and MVC will be covered, as both have pros and cons that will be explored. We will start with a 'broken' application and secure it throughout the presentation. Leave this presentation empowered to immediately start protecting your applications!

You will learn:

  • Learn why most existing applications can be hacked in some way
  • Learn the details of common hack attacks in ASP.NET Web Applications
  • Learn the techniques for protecting their web forms and mvc applications against hack attacks