Smolen Alex Securing The Mvc Architecture Part One

Securing the MVC Architecture Part One Alex Smolen Software Security Consultant Foundstone, Inc Mission Viejo, CA [email_address]

Who are you? ,[object Object],[object Object],[object Object]

You don’t like clueless bosses…

First day at work… ,[object Object]

Hugh Jasul Good Morning! Care for coffee?

Hugh Jasul Great. Hey, want to see a picture of my cat?

Hugh Jasul Enough small talk, Seymour. Hacme Inc. is in a bit of trouble…

Hugh Jasul We’ve had a few security “issues”…

Hugh Jasul Hackers have been hacking into Hacme Bank accounts!

Seymour Flaus Oh, is that all? So it’s not just a clever name.

Hugh Jasul No, there’s more. But find and fix this vulnerability right now! We’re going live tomorrow!

Hugh Jasul Not so fast, we got a complaint from one of our UAT testers.

Seymour Flaus OK, back to the drawing board.

Hugh Jasul Fantastic work, Seymour. By the way, we’re going to need you on Saturday morning for a four hour meeting…

Seymour Flaus Great. Nice to be appreciated.

Hugh Jasul Next order of business… Hacme Books customers are complaining that a book is being added to their cart!

Hugh Jasul Great job Seymour! By the way, I have some dry cleaning ready, could you..

Seymour Flaus I got my masters for this?

Hugh Jasul Great, great, great. Now, I know you’ve been busy, but there’s a top priority task at hand.

Hugh Jasul People have been cheating on Hacme Casino and scamming us for big $$$. Find and fix!

Hugh Jasul Alright, I think that’s a great first day. I’m off to the golf course…

Seymour Flaus See ya. I’m going to go hit up craigslist for a new job.

Introduction ,[object Object],Software Security Consultant Developer Architect/Designer

Introduction Who am I talking to? People using… People building… Software security folks frameworks.

Introduction What’s the point? WTF?

Security Concerns ,[object Object]

MVC Architecture View Model Controller

MVC Architecture View Model Controller View

Security Concerns - Model ,[object Object]

Security Concerns - Model ,[object Object],[object Object],[object Object],[object Object],[object Object],Data Protection in Storage

Security Concerns - Model ,[object Object],[object Object],[object Object],Fine Grained Authorization

Security Concerns - Model ,[object Object],[object Object],[object Object],Logging

Security Concerns - Model ,[object Object],[object Object],[object Object],Authentication

Security Concerns - View ,[object Object]

Security Concerns - View ,[object Object],[object Object],[object Object],Data Sanitization

Security Concerns - View ,[object Object],[object Object],[object Object],Error Handling

Security Concerns - View ,[object Object],[object Object],[object Object],Data Protection In Storage

Security Concerns - View ,[object Object],Data Protection In Transit

Security Concerns - Controller ,[object Object]

Security Concerns - Controller ,[object Object],[object Object],[object Object],Data Validation

Security Concerns - Controller ,[object Object],[object Object],[object Object],[object Object],Session Management

Security Concerns - Controller ,[object Object],[object Object],[object Object],Coarse-Grained Authorization

Security Concerns - Controller ,[object Object],[object Object],Data Protection in Transit

Stay tuned for… ,[object Object],[object Object],[object Object],[object Object]

Smolen Alex Securing The Mvc Architecture Part One

Recomendados

Recomendados

Más contenido relacionado

Similar a Smolen Alex Securing The Mvc Architecture Part One

Similar a Smolen Alex Securing The Mvc Architecture Part One (20)

Último

Último (20)

Smolen Alex Securing The Mvc Architecture Part One