On Saturday 7th of May 2011, I presented Defensive Programming 101 at DDD Scotland 2011 in Glasgow. This was the second time I have presented at DDD Scotland and I was thankful to be invited back. Like last year, it was the same presentation.
I was lucky in my presentation that most of the audience was awake and didn’t mind me asking them questions. Or maybe they did and just didn’t complain! The session went smoothly enough and I would like to say sorry for the human failure in the middle when I mixed up my demo a bit.
Thanks again to the organizers, who did a fantastic job in making sure the day went smoothly.
Based on last years feedback I changed the slides, to remove most of the wordy slides which in turn, made my presentation into a collection of pictures. However at the end I had a lot of resource links and I am publishing them here for those who wanted a copy of them.
Resources Slide 1
- IIS Security What If Tool - http://support.microsoft.com/kb/229694
- URLScan – http://technet.microsoft.com/en-us/security/cc242650
- IIS Configuring security - http://learn.iis.net/page.aspx/88/configuring-security/
- MSCASI tool - http://support.microsoft.com/kb/954476
- IIS Lockdown - http://technet.microsoft.com/en-us/library/dd450372%28WS.10%29.aspx
- AntiXSS Toolkit - http://wpl.codeplex.com/
- IIS Security Tools - http://www.iis.net/community/Security
- Advice from SDL - http://blogs.msdn.com/b/sdl/archive/2008/05/15/giving-sql-injection-the-respect-it-deserves.aspx
Resources Slide 2
- http://www.security.nnov.ru/
- http://www.devx.com/dotnet/Article/32493/1763/page/1
- http://cwe.mitre.org/top25/#Brief
The demo bits are available from here and here (they are done as separate posts)
Finally the copy of my presentation on SlideShare
1 comment:
Hi Niall, many thanks for the talk. I am creating blog serries based on that.
Oleksii
Post a Comment