Topic: Security Oversights in .NET
.NET provides more functional security “out of the box” than most web platforms. However, we see a number of security flaws emerge in new applications time and time again despite the advantages .NET provides. From turning off security features to work around bothersome bugs to assuming certain attack prevention measures cover 100% of attack payloads when they really only cover 80%, we see a number of common oversights among otherwise security-conscious developers. This discussion will cover a number of these common flaws and what can be done to mitigate the security risks.
Cap Diebel, Manager of Application Security:
Cap Diebel is a seasoned application security expert, specializing in application architecture, development, security reviews and security testing engagements. In his role as Manager of Application Security, Cap is involved in Denim Group’s secure development and software security assurance projects. He leads the company’s application security engagement team and also helps administer application security training for clients. He uses his extensive technology consulting experience as the company’s technical leader for application security activities and lead mentor for application security staff.
The talk will take place at Microsoft Austin office on September 14, 2015 5:30 pm – 8:00 pm
This session will go over 10+ things that I see developers not doing in their applications to make them robust, easily changed (feature, feature, future) and free from errors. What are they? Well you will need to attend this session to find out. You are guaranteed to learn a lot in this session!
David McCarter is a Microsoft MVP (Most Valuable Professional), and developer, architect, consultant, professional code reviewer and interviewer in San Diego, California. He is the editor-in-chief of dotNetTips.com… a web site dedicated to helping software engineers in all aspects of programming since 1994. David has written for programming magazines and has published many books including “David McCarter’s .NET Coding Standards” available at:http://bit.ly/dotnetdavestore. He is one of the founders and directors of the San Diego .NET Developers Group (www.sddotnetdg.org) for 20 years. In 2008 David won the INETA Community Excellence Award for his involvement in the .NET community. David is also an inventor of a software printing system that was approved by the US Patient Office in May 2008. His Microsoft MVP profile is located at: http://bit.ly/davidmvp
The talk will take place at Microsoft Austin office on July 13, 2015 5:30 pm – 8:00 pm
Chander is a Microsoft MVP, ASP.NET Insider, Web API Advisor, INETA speaker and open source contributor, with years of experience in enterprise software development. He started coding when he was 6, and created his first successful software product at the age of 14. He is the dev chair of DevConnections, and he works in a goal-oriented, technologically-driven, fast-paced Agile (SCRUM) environment. He has a master’s degree in computer science with specialization in algorithms, principles and patterns, and is focused on building high-performing modular software. Chander leads the Rockstar Developers meetup in Austin, co-organizes Angularjs meetup in Austin, HTML5/Node.js group in Los Angeles and the .NET user group at UTDallasand has spoken at numerous conferences and code camps all over the world. http://chanderdhall.com Twitter @csdhall
The talk will take place at Headspring office on June 8, 2015 5:30 pm – 8:00 pm
The location is:
10415 Morado Circle #300, Austin, TX 78759
On May 29, 2015, Microsoft presents Austin Build Tour (part of Build Tour series) at the Moody Theater. Register and check out 3 awesome sessions by Microsoft technologists on current industry trends.
Friday, May 29, 2015 – 9:00AM
Austin City Limits Live at The Moody Theater
310 Willie Nelson Blvd
Austin, TX USA 78701
Many programmers are dedicated, or even obsessed, with writing “good” code. Often we follow certain patterns and practices because we believe they are the best solution for the problem, or because the “experts” tell us to. In this session, we will discuss what good code really is and what benefits it brings.
The talk covers concepts related to code readability, and walks through a number of refactorings on an example web application.
Jane Prusakova and Josh Rizzo are software consultants, working at Improving Enterprises, a boutique software consulting firm. We work on large-scale projects spanning many teams and generations of developers, work with legacy and greenfield code, and appreciate a good code base.
Trying to compromise the complexity of a database schema for read purposes while retaining any of the benefits of its relational nature often results in all of the pain and none of the gain.
One excellent way to speed up reads while allowing for complex writes is to maintain two datastores. One for reads and one for writes. This is what CQRS addresses and what I will be exploring in this talk. I will be covering how to keep datastores in sync, how the domain can facilitates that, and new datastores, such as EventStore, that become available when you embrace this way of thinking.
DDD/CQRS/ES in a nutshell.
The talk will take place at Microsoft Austin office on April 13, 2015 5:30 pm – 8:00 pm
San Antonio .Net User Group was re-established the group early last year. While it’s primarily .Net, a broader set of topics including Azure, modern web, and mobile are also covered. You can find more information at: www.meetup.com/satnug.
If you are interested in coming to San Antonio (a quick trip from Austin) to speak, the group meets on the second Tuesday of the month at Geekdom’s Event Center at 5:30 (presentations start at 6:00 pm). They have openings all year, including next week’s meeting (4/14).
For more information, please reach out to Sam Larko (Sam.Larko AT appliedis.com) or www.meetup.com/satnug.
Git is one of the very popular distributed version control systems. It is small, fast and full of features. Adopting Git could be overwhelming at first but it is very well worth it. In this talk, Yogiraj (Yogi) Aradhye will share his real world experience of using Git and associated workflows that you can plug into your continuous integration and delivery cycles.
The talk will take place at Microsoft Austin office on March 9, 2015 5:30 pm – 8:00 pm
Just as most of the universe is thought to be made up of “dark matter” which we can not directly observe, most software is made of of missing models and lurking business requirements. In this session, we’ll explore how to identify Missing Models and how to deal with them in Message based systems.
The talk will take place at Microsoft Austin office from 5:30 p.m. to 8:00 p.m. on 2/9/2015.