With the somewhat recent announcement that Dynamics is going to be the CRM of choice at the GOC. We are announcing a presentation on Mycrosoft Dynamics for .Net Developers. When we discussed doing a series to start up a study group the masses wanted B.A, FUnctinal and testing focused areas, however being that our user group is more technical in nature we will be concentrating on the .Net side of things with a lot of examples coming from either ASP.Net API or other elements.
Here is the event:
I have great news to share with the community. I was able to secure a room for 12 engagments in order to go forth with an Azure MOnthly Series.
As an ASP.Net and ASP.Net WebAPi specialist I will be doing the demos around these constructs.
The first is on Azure API Management where we will also see renditions of MuleSoft and APIGEE for API Managment. For the first lunch and learn we will concentrate on Modeling ASP.Net WebAPI’s and creating ASP.Net Web API’s. Once this base is completed we will continue and aggregate the API with Api Management. I would say the session will be 80% Web API and 20% Azure API Management.
See you there:
XSS, SQLi and the path traversal attack are the golden three payloads we see over and over again. In this segment we will oversee how ModSecurity securing IIS reacts to these payloads.
First and foremost , we will fire the payloads in ModSecurity’s demo site and see that the information is reflective in that it is sent back to the user for input. Evidently this is due to the fact that we are using a demo site and that a dashboard or log viewer is not available to oversee the errors. In the real world we would be exposing ourselves as we would let the attacker know that we are using brand x or IDS/IPS or in this case a WAF that is augmented with the OWAPS CRS to become and IDS.
Classic payloads and the online model.
Classic payloads and the on-premise solution housed in IIS.