|
Description: Secure Your ASP.NET Applications from
Hackers This session presents countermeasures to defend
against threats. Topics include input validation; best practices when working
with Microsoft SQL Server(tm), including the use of parameterized commands,
stored procedures, accounts with limited privileges, Microsoft Windows;
authentication versus SQL Server logins, and secure storage of connection
strings; HTML-encoding of user input; vulnerabilities specific to ASP.NET forms
authentication and forms authentication cookies; use of encrypted view state
rather than hidden fields to maintain state between requests; storage of
password hashes rather than passwords for added security; and more. Presented by: Anil John Anil John is currently a Microsoft MVP for ASP.NET,
a member of the MSDN Patterns & Practices Customer Advisory Board, and an
ASPInsider. In addition, he was a technical reviewer for the MS Press book
'Improving Web Application Security: Threats and Countermeasures'. He has been
involved with web development since the early days of Mosaic. Since that time
he has been done everything from web development and system administration to
application and system architecture. While he started out with an interest in
web and mobile technologies, these days he finds himself being drawn more and
more to addressing the challenges of digital security in a connected world
using Microsoft's .NET technologies. You can reach Anil at http://SecureCoder.com
<http://securecoder.com/>
Date: 5/4/2004 6:30pm-9:00pm Topic: Defenses and Countermeasures - Secure Your
ASP.NET Applications from Hackers Location: For more information: http://www.cmap-online.org/DesktopDefault.aspx?tabindex=0&tabid=1
Yahoo! Groups Links
|
