Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Application Security: What you don't know can h...

Application Security: What you don't know can hurt you

Writing secure code is not difficult but it does require that you have a good understanding of what is insecure. In this session we will cover some of the top threats out there that can be used to break your applications. We will also cover techniques to improve the design of your application to minimize the vulnerabilities and mitigate those you cannot remove.

Joe Kuemerle

March 19, 2012
Tweet

More Decks by Joe Kuemerle

Other Decks in Programming

Transcript

  1. Application Security What you don't know can hurt you Joe

    Kuemerle www.kuemerle.com @jkuemerle
  2. Joe Kuemerle • Developer at BookingBuilder Technologies • Over 15

    years of development experience with a broad range of technologies • Focused on application and data security, coding best practices and regulatory compliance • Presenter at community, regional and national events.
  3. References • http://www.troyhunt.com o http://www.troyhunt.com/2011/12/free-ebook-owasp-top-10-for-net.html • http://www.owasp.org o http://www.youtube.com/user/AppsecTutorialSeries?feature=watch •

    http://www.microsoft.com/security/sdl/default.aspx • http://blogs.msdn.com/b/sdl • http://bsimm.com • http://www.amazon.com/Writing-Secure-Second- Michael-Howard/dp/0735617228 • http://www.google.com/reader/bundle/user%2F11 910239077358858577%2Fbundle%2FSecurity
  4. Tools • http://wpl.codeplex.com • http://www.backtrack-linux.org • http://www.microsoft.com/download/en/details.as px?displaylang=en&id=14719 (Threat Model

    designer) • http://www.microsoft.com/download/en/details.as px?displaylang=en&id=21769 (File fuzzer) • WebGoat.NET o https://github.com/sempf/WebGoat.NET o https://github.com/jkuemerle/WebGoat.NET
  5. Photo Credits • http://www.flickr.com/photos/pcoin/4629410478 • http://www.flickr.com/photos/ekreitschmann/3296628124 • http://www.flickr.com/photos/quinnanya/3333961881 • http://www.flickr.com/photos/pcambra/3347911070

    • http://www.flickr.com/photos/superamit/2491512156 • http://www.flickr.com/photos/terrio/5710831966 • http://www.flickr.com/photos/cliffnordman/6131349171 • http://www.flickr.com/photos/suckamc/4075609940 • http://www.flickr.com/photos/alan-light/211186811 • http://www.flickr.com/photos/marksteele/3766525250 • http://www.flickr.com/photos/petithiboux/4062233946 • http://www.flickr.com/photos/theevilmightyf/1496413769 • http://www.flickr.com/photos/cookylamoo/5059188603