We all invest a lot of effort in the quality of our web development and (hopefully) security is one of those practices we bake in from the ground up. Thing is though, like most things in software development, times change and many of the practices we considered secure yesterday aren’t necessarily so today. Hardware gets faster, automation becomes more prevalent and the bad guys simply find new ways to break our good work.

This session looks at a collection of lesser-known practices which are being employed to break through website security, often circumventing what we’ve traditionally held to be “secure” practices. We’ll take a look at what these practices were designed to protect, how they’re being broken and what we need to do differently to protect against them.

About the speakers

Mr Security

Troy is a software architect and Microsoft Most Valued Professional (MVP) focusing on security concepts and process improvement in software delivery within a large enterprise environment. His specialties include C# ASP.Net, SQL Server, SOA, SharePoint, Security and Continuous Integration

Academy

Related Videos

Transform your Power BI Dashboards with Custom Visuals built in React | Prem Radhakrishnan

Quick Question – How many Visualization options come built-in with Power BI? Quick Answer – Not nearly enough. Prem will walk you through the extra visualizations that are in the wonderful awesome Power BI Visuals Marketplace called AppSource. However, no matter how many options you find, there is always a need for that little bit…

Cracking passwords & why L33t!fied passwords are bad | Alexei Doudkine

Watch this demo of how a hacker who has broken into your machine can quickly and easily get your password hashes, take them offline and crack them to retrieve your original password. In this talk, Alexei discusses how passwords are stored in Windows, some techniques real-world hackers use to crack password hashes and what you…

Symmetric encryption, hashing & digital signatures + More – Cryptography 101 | Robert Boedigheimer

Learn the fundamentals of cryptography, including public/private and symmetric encryption, hashing, and digital signatures. Discover which techniques are appropriate for various situations. Review practical real life examples for storing passwords, protecting URL parameters, securely exchanging information with partners, and safely encrypting sensitive information on public web sites. Concepts apply to all platforms, examples will be…

NDC Sydney 2020 – Ask Me Anything!

Matt Wicks talks with Yaser about his talk at NDC: Tuning web performance with just browser APIs For more interviews, watch the full video playlist:  

The 5 important questions about .NET 5 | Brendan Richards

The 5 important questions about .NET 5 ​Back in 2016 Microsoft made the brave step of building a brand new .Net Core away from the classic “Full Framework” .NET. This meant they were able to hit the “Redo button” in so many ways, bringing us the modern, open-source, fast and cross-platform framework that we use…

Angular – Satisfying your Performance Hungry UI | Gabriel George

Angular is one of the fastest JavaScript UI frameworks, however sometimes when we want to render a large number of components it can still perform poorly. You think to yourself “Am I doing it wrong?” Gabe will show us how to the use built-in functionality of Angular to make rendering snappier.

EF Core Query Tags and logging | Jernej “JK” Kavka

.NET Core allows us to log just about everything very easily, but when something goes wrong with SQL queries, how exactly do you figure out where it’s coming from…? This is where EF Core Query Tags comes into play, along with a couple of logging strategies, you’ll never be confused by the intent and location…

Successful developers do more than just write code

It takes more to be a great coder than you might think! Check out this video from NDC Sydney featuring Adam Cogan, Michael Smedley and Matt Goldman on the importance of teamwork and good communication in software development. Learn about SSW’s new mobile app and how it connects us with the software development community.  

Pragmatic DevOps | Tech Tips NDC Sydney 2019

Pragmatic DevOps It’s easy to feel like DevOps is too hard to implement because the theory is hard to apply in their company. Rather than give up, it’s important to be pragmatic and try to solve the problems. To do this effectively, you need the theory. With books like The Phoenix Project and The Unicorn…

C# 8.0 – New Features & Beyond with Filip Ekberg | Tech Tips NDC Sydney 2019

New features of C#8.0 SSW’s Andreas Lengkeek talks with ‘the C# guy’ Filip Ekberg on the new features of C# 8.0 and what’s coming down the line. They discuss: – Nullable Types – Async Streams – Pattern Matching – Coming up features