Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

Kentico CMS 7 - Security improvements

1.487 visualizaciones

Publicado el

Kentico takes security seriously and security improvements are an important part of any new release. Password expiration and policy enforcement, are just a few of the new security improvements in Kentico CMS 7. in this interactive and demo filled session we looked at the new security improvements in Kentico CMS 7.

Publicado en: Tecnología
  • Sé el primero en comentar

  • Sé el primero en recomendar esto

Kentico CMS 7 - Security improvements

  1. 1. Kentico CMS 7: SecurityimprovementsDominik Pinter, dominikp@kentico.com
  2. 2. Agenda• New features• New system protections• Improvements of existing features• Tips, hints, best practices
  3. 3. Have you met Sean?• Sean, agent 00111• Security expert at XYZ company
  4. 4. Users accounts are in danger!Task #1: Sean, make user accounts as secure as possible- Passwords: password format, password policy, password expiration, forgotten passwords retrieval, password hash salt- Disabling autocomplete- Invalid logon attempts- Delete all testing users before production!- Emergency reset of Administrator password - CMSAdminEmergencyReset web.config key
  5. 5. What about user sessions?Task #2: Sean, mitigate a risk that someone cansteal user session.- Session attacks protection- Clickjacking protection- Screen lock
  6. 6. Modules, modules, modules …Task #3: Sean, don‘t forget about the modules!- E-mail confirmation for subscription – Newsletters, Forums, Blogs, message boards- ASCX layouts protection- Reporting module protection- Web parts: Where, OrderBy
  7. 7. Q&A
  8. 8. Thank you http://www.kentico.comhttp://devnet.kentico.com dominikp@kentico.com

×