Bare security necessities: as a user and web developer
Senior Software Developer
I am passionate about technology and everything that is new about it. I’m on a constant pursuit to learn new things, get certified in new technologies or enhance the ones I already have and stay in touch with the current trends of the IT world. But what I also love doing is having the possibility to share my experience and knowledge with others. I have discovered this affinity for teaching as a student and never stopped doing it ever since.
In the last several years I discovered that I am more and more passionate about Microsoft’s Cloud technologies so I began specializing in Azure, mostly following a developer’s path, and then began transitioning towards a cloud architect’s road, spiced with some dev-ops now and then. Also, I constantly push myself and strive to do things right and clean: from the code that I write, to the architectures I think of and last but not least, to becoming a craftsman in this profession.
Oh yeah, and one more thing: I love playing with fire, literally!
Presentation Topic: Bare security necessities in the modern day: as a user and as a web developer
Didn’t you notice that these days you cannot get by on the Internet without seeing almost everyday news about data breaches, hacks, malware and the likes? Because I know I have for the last years I could say.
And do you find this normal? Acceptable? Let me help you with the answer to those questions: it’s a definite NO!
And who’s to blame for all of these? (well apart from the bad guys doing all the nasty stuff of course) It’s you the developer, yes, for writing that vulnerable code and leaving the door open for others to do harm. But also, it’s you – the regular user’s – fault too. Your convenient habits and behaviors online are just perfect to get yourself hacked.
Actually, the root cause for mishandling security is the improper education combined with the lack of awareness. In order to push things just one little step in the right direction I want to share some pointers on how to consume the Internet while keeping your personal data safer. In this non-technical part, I will talk to you about some recommended behaviors changes and some tools that will help you protect who you are and what you own.
In the second technical part, I will go through some of the most important web security headers and security flaws that every web developer should know. We will see how a simple ASP.NET Core with intended vulnerabilities can be exploited, and then how can it be easily be patched up.