Apr 28, 2006

Webcast on Security Testing

Just concluded the webcast on Security Testing ... typically, testing is something I have found people shying away from, and security even more so! So when the topic is Security Testing, I don't expect too much audience. But surprisingly we had about 40-50 odd folks, which is very impressive for what is thought to be a dull topic (quite wrong!)

 

To those who attended, many thanks, and I hope you found the discussion useful, and would actually start using some of the tools and techniques we discussed.

 

We hold the last webcast of the series next Fri, and that's on Threat Modeling. So hope to catch you there!

 

Apr 21, 2006

Webcast on .Net Framework Security

Just concluded the webcast on .Net Framework Security. There were about 75-80 attendees and a lot of questions. I answered most, except those that were either off-topic or too specific. Please post them here and I'll try and answer.

 

Thanks for joining and catch you folks next week again!

 

Apr 19, 2006

Security Shootout - Last Day!

We had an overwhelming response to the Security Shootout contest, with over 10,000 developers already vying for the honors (that was over a week back, don't know what the number is right now).

 

We are extremely thankful to everyone who took out their time and took the contest. A lot of people wrote to me saying how much they enjoyed the contest, and that it helped them understand the security issues better and taught them to think differently. Well, designing the contest and doing all the research taught me a lot too.

 

By the way, if you've not taken the contest so far, today is the last day for registration and Stage I closes today.

 

Once again thanks for all the support and here's wishing luck for Stage II!

Apr 14, 2006

Webcast on Securing Web Apps

Just concluded the webcast on securing web apps.  There were a lot of questions and we ran out of time. Please post those questions here and I will try and answer them all.

 

The ppt will be up shortly on the webcasts page (http://www.microsoft.com/india/webcasts). You can post the responses to the quiz at .

 

Some folks had requested for samples on secure web applications. I could not locate the samples themselves, but here are a couple of references on the subject which will go a long way in helping you build secure web applications:

 

1. Building Secure ASP.Net Applications: Authentication, Authorization and Secure Communication 

2. Improving Web Application Security: Threats and Countermeasures

3. Security Guidelines: ASP.Net 2.0


Hope you find this information useful. Thanks for joining the webcast and catch you next week!

  

Apr 7, 2006

Webcast on Crypto Basics

Just finished the
Crypto webcast, and it was a blast! A lot of people wrote back saying they
really enjoyed the webcast and that it was quite entertaining. Crypto and
entertaining? Well, yes, crypto can be fun! After all, it is all about secrets,
and aren't secrets fun things? :-)

 

The ppt for the
webcast should be available on the web shortly. I will put up the link
as soon as it goes live. If you have any questions, please do drop them here and
I will try my best to answer them. To those who attended the webcast, a
Big Thanks for joining us, and hope to catch you again next
week!

 

 

Honey, We Shrunk the World!


Yeah, you read that right. We did
shrink the world this week. And in two ways too.


 


1. MEDC 2006 - The Mobile and
Embedded Developer Conference - the definitive, one of its kind conference for
the developer targeting the mobile and embedded market, was held this week at
Bangalore. It
was a rocking event which drew around one thousand developers from all over
India. You had to be there to feel
the energy and the enthusiasm in the air.


 


2. It's Showtime! For the
first time in India (and
maybe the world), we organized a virtual conference across 40 locations in 30
cities over a satellite network, reaching out to about 500 developers all over
India. If you have ever wondered what
someone from Vastrapura, Ahmedabad wants to know about mobile development, you
should join this conference next time. It was an out of the world experience
interacting with developers from all parts of the country.


 


I was extremely fortunate to be a
part of the team that planned and executed these two events, and it was great
talking to people and answering their queries. I've always felt that one learns
best when one is trying to explain something to others. And these two events
were no exception. The kind of questions people asked, made me re-think about my
understanding of several issues.


 


I had planned to do a talk on the
security issues involved in the mobile space and things developers can do to
make mobile solutions more secure. I ended up doing that and one more. Trent
Swanson could not make it to the conference, and as his backup, I ended up
doing the session on Enterprise Mobile Solutions. It was a lot of fun going thru
a ton of material on the enterprise needs of mobile solutions and trying to
understand what it all means. The result was a condensed 50 slide deck touching
upon areas ranging from security, deployment to offline sceanrios to interop to
power management .. Honestly, one could talk about each one of these for a
couple of hours. But I hope the overview was useful and opened up those who
attended the session to the challenges involved and how they can be
addressed.


 

If
you have any questions on these areas, do drop them here, and I will try my best
to answer them.