
Web/Services Security Talk @ San Diego.NET User Group

Andrew Karcher, SQL Server MVP, invited me to speak to the San Diego .NET user group this Tuesday. The topic of my talk was Secure Code Top 10 (OWASP) for Service Oriented Architectures, and the presentation slides can be downloaded from here. Links from the talk follow.
Web Service Security Cheat Sheet: https://www.owasp.org/index.php/Web_Service_Security_Cheat_Sheet
OWASP WebGoat.NET: https://www.owasp.org/index.php/Category:OWASP_WebGoat.NET
WCF…


OWASP Top 10 List of 2013 Released

OWASP's Top 10 is the Open Web Application Security Project's list of the ten most critical web application security risks. A new list for 2013 has been published. The OWASP Top 10 was last updated in 2010; in this update the importance of cross-site scripting (XSS) and cross-site request forgery (CSRF) has been reduced, while risks related to broken…


Interview Questions for a Software Architect

just because this makes a really nice SEO-friendly headline... However, this post is not so much about specific questions and answers as about the technical vocabulary, acumen and architectural thinking with abstractions. Without getting into the dogmatic differences between a solution architect, a system architect and an enterprise architect, I’d define software architect in…


On Entropy Depletion & Related Links

I had to dig these up in the context of a conversation around the (in)security of currency regimes such as Bitcoin, where presumed ownership of currency is built solely upon asymmetric cryptography. You may find some of these links to be of interest as well.
Textbook RSA is insecure, and other interesting observations: http://crypto.stanford.edu/~dabo/courses/cs255_winter00/RSA.pdf…


Presentation on Exploring 'Distributed' in DDoS

Exploring Distributed in DDoS: Social Engineering aspects of an 'Anonymous' style DDoS attack. Recorded 24 April 2013.
Abstract: With the proliferation of social media and mobile devices to the masses, protecting against distributed denial of service attacks has become an arduous technical challenge. Even though we expect much more sophistication, research reports show that the majority…


Hacking Web Apps - Book Review

Hacking Web Apps: Detecting and Preventing Web Application Security Problems, by Mike Shema, is a contemporary guide on web application security. Mike's labor of love, as he likes to call this book, contains very relevant and distilled information on modern-day web application attacks. The book is different from your garden-variety web-application-top-n-style…


Cloud Computing and CQRS Resources

MSDN Blogs: Cloud Architecture Series - CQRS Part 1 (Bruno Terkaly): http://blogs.msdn.com/b/brunoterkaly/archive/2012/02/07/cloud-architecture-series-cqrs-command-query-responsibility-segregation-part-01.aspx
MSDN Magazine: CQRS on Windows Azure (Mark Seeman): http://msdn.microsoft.com/en-us/magazine/gg983487.aspx
Book: Exploring CQRS and Event Sourcing: A journey into high scalability, availability, and maintainability with Windows Azure (MS Patterns & Practices): http://www.amazon.com/Exploring-CQRS-Event-Sourcing-maintainability/dp/1621140164
And a few backgrounders: CQRS - a new architecture precept based on…
