In this talk at Code Camp Auckland, Kirk discussed the latest protections that have been added to web browsers to combat the common threats to your web applications.
He covered Content Security Policy (CSP), HTTP Strict Transport Security (HSTS) and the X-Frame-Options headers, as well as discussing how to safely host user-generated files for download.
View the slides here: CC2011-KirkJackson.pdf (6mb)
Sunday, August 28, 2011
Thursday, August 25, 2011
Andy Prow and Kirk Jackson presented two talks at TechEd NZ 2011. The second talk was titled "Boost your Defences!":
Running a website is a risky business. Applications within organisations and on the internet are under attack all the time, by all kinds of people. How do you make your ASP.NET WebForms, MVC or SharePoint application as secure as possible? Which protection mechanisms are built in to the platform, and what are the recommended techniques for those that aren't? Come along to this talk where we will cover techniques for protecting your application from all of the common web attacks.
Wednesday, August 24, 2011
Andy Prow and Kirk Jackson presented two talks at TechEd NZ 2011. The first talk was titled "The Attackers are Coming!":
The internet is a fast moving business, web applications in 2011 are being attacked in new ways, using new tools and techniques.
This talk will cover the state of the art in web security, and have some fun sharing stories of sites that have been attacked and how well they survived.