Hacking .NET/C# Applications: Defend By Design

Presented at AppSec USA 2014, Sept. 18, 2014, 10:30 a.m. (45 minutes)

I will cover how to build an application to resist attacks. This is not the MicroSoft SDLC! This speech will cover the tasks developers should do in the design and development process to produce more secure applications. Such as Security-User-Stories Security-Unit-Tests..... Tiny choices in the development process can impact the security of the end system, but what does this look like in practice. This will be done from the point of view of a developer and helpful-hacker.

Presenters:

• Jon McCoy - Application Security Consultant - DigitalBodyGuard.com
  Jon McCoy is trained in Classical Software Engineering and Live System Forensics. He has released a number of tools and techniques for attacking/breaking/bending .NET Framework Application. He provides trainings in offensive and defensive software, consults on strategic policies and management, and provides outside security reviews for both Software and Infrastructure. He founded DigitalBodyGuard.com a general digital security firm that focuses on clients with thick applications. The firm brings a robust array of industry experiences from penetration testing and corporate training to front line software development and IT implementation.

Links:

• https://owaspappsecusa2014.sched.com/event/NvwrnC/hacking-netc-applications-defend-by-design

Similar Presentations:

• Black Hat Asia 2017 / Domo Arigato, Mr. Roboto: Security Robots a la Unit-Testing
• AppSec USA 2017 / Leveraging the ASVS in the Secure SDLC
• AppSec USA 2015 / Ah mom, why do I need to eat my vegetables?