Adnan Masood, a Machine Learning Phd's musings on Life, Technology, Research & Development
I spoke to The San Francisco .NET Developers User Group last week on the topic of Practical Web Application Security with ASP.NET / MVC. Following are the some of the links from my talk. For additional links, please see my earlier talk Resources – talk @ 10th Annual SecureIT conference Home/MVC/Overview/Chapter 7. Security Security Extensibility in ASP.NET 4 (This…
The idea of using of Bayesian Belief Networks in digital forensics to quantify the evidence has been around for a while now. To provide qualitative approaches to Bayesian evidential reasoning in the digital Meta-Forensics is however relatively new in the decision support systems research. For law enforcement, decision support and application of data mining techniques to “soft” forensic evidence is…
Cloud camp LA happened couple of weeks ago at the coresite campus in downtown LA. The highlights of the evening were Dave Nielsen's intro, Lynn Langit's NOSQL session, Bret Statham's CQRS (Command Query Responsibility Segregation) talk and coresite's datacenter tour. Slides from Bret's lightning talk can be downloaded here. NoSQL for the SQL Server DBA View more…
This Wednesday April 25th, I will be part of a panel at the OWASP LA Security Summit where Jerry Hoff VP, Static Code Analysis Division at WhiteHat Security, will be speaking about Webgoat. Shakeel Tufail, Federal Practice Director for HP Enterprise Security Solutions, will be speaking on "Software (In)Security - Challenges to securing software". Noa Bar Yosef, Senior…
Microsoft Security Intelligence Report provides summarized information from the last 10 years focusing on software vulnerabilities, software vulnerability exploits, malicious, and potentially unwanted software. The report discusses the origin of malware following it through the decade of mutation all the way upto cloud. However, the report does not cover specific threats to cloud in detail…
Following are the resources from my and Tin Zaw's talk @ 10th Annual SecureIT conference- “Practical Web Application Security and OWASP Top 10 implementation on Microsoft Platform” OWASP Top 10 Presentation AppSec Tutorial Videos OWASP Cheat Sheets ASP.NET MVC Best Practices Microsoft Partners in Learning OWASP 2010 Top 10 Cheat Sheet Free eBook: OWASP Top…
On March 18th, I will be speaking at the 10th Annual SecureIT conference in a workshop titled “Practical Web Application Security and OWASP Top 10 implementation on Microsoft Platform”. This is a joint session with Tin Zaw, chapter leader and president of OWASP LA. Here is the abstract. Practical Web Application Security and OWASP Top…
Tonight I'll be speaking at LA .NET Users Group on Practical Web Application Security - A Primer with OWASP Top 10 and ASP.NET/MVC This session is a developer's introduction to the web application security threats using the OWASP top 10 list of potential security flaws. With examples in ASP.NET and ASP.NET MVC, we will go…
AppSec USA 2010 is the premier web application security conference of the year. From IT decision makers and managers to security conscious developers and engineers, AppSec USA will provide answers to a wide variety of questions on application security. Online registration is open till September 3. We have 5 keynote speakers, 2 panel discussions, 6…
Here is a short step by step guide on how to get your WCF service to perform Message and Transport level security over SSL with user name and password. I ran into this recently and thought should document it along with source code to provide reference for the rest of us. 1. If your development…