Web Application Security in the Real World
Shahed Chowdhuri
Sr. Technical Evangelist @ Microsoft
@shahedC
WakeUpAndCode.com
Agenda
- Overview
- SQL Injection
- Cross-Site Scripting (XSS)
- Data Exposure
- Next Steps
- Q&A
Overview of Web Applications
(diagram: Users -> Internet -> Web Server -> Database)
SQL Injection
Enter your username and password…
Username: myusername
Password: ' or 1=1)#
… but what if you can inject SQL code in the input field?
SQL Injection Demo: codebashing.com/sql_demo
SQL Injection in the Real World
Link 1
Link 2
Link 3
Link 4
Solutions for SQL Injection
Use framework-specific features
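The login form from the slide, as an added example (not code from the talk): the first function builds the query by string concatenation, so the password field `' or 1=1)--` closes the quoted literal and comments out the rest; the second uses a parameterized query, the "framework-specific feature" every data-access layer provides. The user table is constructed sample data, and the payload uses `--` because SQLite (used here to run offline) does not treat the slide's MySQL `#` as a comment marker.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory user table with a single sample account."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse')")
    conn.commit()
    return conn


def vulnerable_login(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Query text is built by concatenation, as in the slide's demo.

    Whatever the user types becomes part of the SQL statement, so a quote in
    the input ends the literal and the remainder is parsed as SQL.
    """
    sql = ("SELECT COUNT(*) FROM users WHERE (username='" + username
           + "' AND password='" + password + "')")
    (count,) = conn.execute(sql).fetchone()
    return count > 0


def safe_login(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Parameterized query: the values travel separately from the SQL text.

    Quotes, comment markers and keywords in the input are just characters of
    a string compared against the column; the statement shape never changes.
    """
    sql = "SELECT COUNT(*) FROM users WHERE (username=? AND password=?)"
    (count,) = conn.execute(sql, (username, password)).fetchone()
    return count > 0


if __name__ == "__main__":
    db = make_db()
    # The slide's inputs: any username, and a password that is SQL rather than a secret.
    print("concatenated:", vulnerable_login(db, "myusername", "' or 1=1)--"))  # True: logged in
    print("parameterized:", safe_login(db, "myusername", "' or 1=1)--"))      # False: rejected
```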
Cross-Site Scripting (XSS)
Enter some text and submit it…
Enter text: Hello World!
Text Submitted: Hello World!
… but what if you could submit script code?
XSS Demo: google.com/about/appsecurity/learning/xss/#BasicExample
Cross-Site Scripting in the Real World
Link 1
Link 2
Link 3
Solutions for XSS
Use framework-specific features
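The "Text Submitted:" echo page from the slide, as an added example (not the talk's code): one renderer copies the input straight into the HTML, the other encodes it for the context it lands in, which is what a view engine's automatic output encoding does for you. The sample submission is constructed; `html.escape` is from Python's standard library.

```python
import html

# Constructed sample inputs: the slide's harmless text and a script submission.
PLAIN = "Hello World!"
SCRIPTY = "<script>alert(1)</script>"


def render_vulnerable(text: str) -> str:
    """Raw interpolation: markup in the input becomes markup in the page."""
    return f"<p>Text Submitted: {text}</p>"


def render_body(text: str) -> str:
    """Element-body context: encode & < > so the browser shows the text literally."""
    return f"<p>Text Submitted: {html.escape(text)}</p>"


def render_attribute(text: str) -> str:
    """Attribute context: the value must sit in quotes AND have quotes encoded,
    otherwise a " in the input would end the attribute and start a new one.
    html.escape(quote=True) encodes both " and ' in addition to & < >."""
    return f'<input type="text" name="text" value="{html.escape(text, quote=True)}">'


def contains_script_tag(page: str) -> bool:
    """Check used by the example: a literal <script in the output means the
    submitted text was not encoded before being written into the page."""
    return "<script" in page.lower()


if __name__ == "__main__":
    print(render_vulnerable(SCRIPTY))   # script tag survives into the page
    print(render_body(SCRIPTY))         # shown as text: &lt;script&gt;...
    print(render_attribute('say "hi"'))  # quotes encoded inside the attribute
```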
Data Exposure
Perform an action that causes an error…
Enter item: New Item?!!
Text Submitted: Error: servername.dbname in code file, line 21
… unnecessary information is displayed!
Solutions for Data Exposure
Provide an error code for troubleshooting
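The slide's fix, worked through as an added example (not the talk's code): the handler keeps the full exception server-side under a short reference code and returns only a generic message carrying that code, so support can find the details in the log without the server name, database name or file line ever reaching the user. The `items` table and the in-memory `SERVER_LOG` are constructed stand-ins for a real database and log sink.

```python
import logging
import secrets
import sqlite3

log = logging.getLogger("app")

# Constructed stand-in for the server-side log store, keyed by reference code,
# so the example can show what support would look up.
SERVER_LOG = {}


def add_item(conn: sqlite3.Connection, item: str) -> str:
    """The action from the slide. Raises if the items table does not exist,
    which plays the role of the database error the demo page leaked."""
    conn.execute("INSERT INTO items (name) VALUES (?)", (item,))
    conn.commit()
    return "New item added"


def handle_request(conn: sqlite3.Connection, item: str) -> str:
    """Catch the failure, log everything with a reference code, and return a
    message that contains nothing about the server, database or source file."""
    try:
        return add_item(conn, item)
    except sqlite3.Error as exc:
        ref = secrets.token_hex(4)  # short, opaque, unguessable reference code
        detail = f"{type(exc).__name__}: {exc}"
        SERVER_LOG[ref] = detail           # full detail stays on the server
        log.error("request failed ref=%s detail=%s", ref, detail)
        return f"Something went wrong. Please contact support with error code {ref}."


def reference_code(message: str) -> str:
    """Extract the reference code from a user-facing error message."""
    return message.rsplit("error code ", 1)[1].rstrip(".")


if __name__ == "__main__":
    db = sqlite3.connect(":memory:")          # no items table yet: the action will fail
    msg = handle_request(db, "New Item?!!")
    print(msg)                                # generic message plus code
    print(SERVER_LOG[reference_code(msg)])    # what support sees: "OperationalError: no such table: items"
```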
Next Steps: OWASP Top 10
OWASP Top 10
HP WebInspect & Fortify Tools: http://hp.com/go/fortify
Gartner Magic Quadrant for AST: http://www.gartner.com/doc/reprints?id=1-2KU6OUB&ct=150806&st=sb
Does this describe you?
- Passionate about technology!
- Tech-savvy!
- Thrilled to learn new skills!
- Actively involved with student orgs!
You could be the Microsoft rock star on campus!
To apply for the Microsoft Student Partners program:
- Go to: http://aka.ms/mspapply2016
As an MSP, you will:
- build apps and demos
- demonstrate the newest technologies and host tech events on your campus
- acquire the tools and training to lead technology discussions on your campus
- build your global network with industry experts
- connect with like-minded students and faculty around the world
- attend trainings from Microsoft leaders to enhance your knowledge about cutting edge technologies
- be the one on your campus with insight and answers on Microsoft technologies
Contact: SHAHED CHOWDHURI, Sr. Technical Evangelist @ Microsoft
shchowd@microsoft.com • http://WakeUpAndCode.com/msp
Email: shchowd@microsoft.com • Twitter: @shahedC

SQL Database Design For Developers at php[tek] 2024
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 

Web App Security

  • 1. Web Application Security in the Real World. Shahed Chowdhuri, Sr. Technical Evangelist @ Microsoft, @shahedC, WakeUpAndCode.com
  • 2. Agenda: Overview; SQL Injection; Cross-Site Scripting (XSS); Data Exposure; Next Steps; Q&A
  • 3. Overview of Web Applications: Database, Web Server, Internet, Users
  • 4. SQL Injection. Enter your username and password… Username: myusername; Password: ' or 1=1)# … but what if you can inject SQL code in the input field?
  • 5. SQL Injection Demo: codebashing.com/sql_demo
  • 6. SQL Injection in the Real World: Link 1, Link 2, Link 3, Link 4
  • 7. Solutions for SQL Injection: Use framework-specific features
  • 8. Cross-Site Scripting (XSS). Enter some text and submit it… Enter text: Hello World! Text Submitted: Hello World! … but what if you could submit script code?
  • 10. Cross-Site Scripting in the Real World: Link 1, Link 2, Link 3
  • 11. Solutions for XSS: Use framework-specific features
  • 12. Data Exposure. Perform an action that causes an error… Enter item: New Item?!! Text Submitted: Error: servername.dbname in code file, line 21 … unnecessary information is displayed!
  • 13. Solutions for Data Exposure: Provide an error code for troubleshooting
  • 14. Next Steps: OWASP Top 10
  • 15. HP WebInspect & Fortify Tools: http://hp.com/go/fortify
  • 16. Gartner Magic Quadrant for AST: http://www.gartner.com/doc/reprints?id=1-2KU6OUB&ct=150806&st=sb
  • 17.
  • 18. Does this describe you? Passionate about technology! Tech-savvy! Thrilled to learn new skills! Actively involved with student orgs! You could be the Microsoft rock star on campus! To apply for the Microsoft Student Partners program, go to: http://aka.ms/mspapply2016. As an MSP, you will: build apps and demos; demonstrate the newest technologies and host tech events on your campus; acquire the tools and training to lead technology discussions on your campus; build your global network with industry experts; connect with like-minded students and faculty around the world; attend trainings from Microsoft leaders to enhance your knowledge about cutting-edge technologies; be the one on your campus with insight and answers on Microsoft technologies. Contact: SHAHED CHOWDHURI, Sr. Technical Evangelist @ Microsoft, shchowd@microsoft.com • http://WakeUpAndCode.com/msp
  • 19. Email: shchowd@microsoft.com; Twitter: @shahedC
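The three defences the deck names, worked through in Python against the inputs shown on slides 4, 8 and 12: a parameterized login query in place of string concatenation, HTML-encoded output for submitted text, and an error handler that returns a reference code instead of the server and database detail. This is an added example, not code from the deck or its author; the in-memory users table, the password value and the deliberately missing items table are constructed for it.

```python
import html
import logging
import sqlite3
import uuid

# Constructed in-memory users table standing in for the deck's login form
# (plaintext password only to keep the example short).
conn = sqlite3.connect(":memory:")
conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
conn.execute("INSERT INTO users VALUES ('myusername', 'correct-horse')")
conn.commit()

PAYLOAD = "' or 1=1)#"  # the password-field input shown on slide 4


def build_unsafe_sql(username, password):
    """Slide 4: with string formatting the input becomes part of the SQL text."""
    return ("SELECT username FROM users WHERE (username='%s' AND password='%s')"
            % (username, password))


def login(username, password):
    """Slide 7: a parameterized query keeps the input as data, never as SQL."""
    row = conn.execute(
        "SELECT username FROM users WHERE username=? AND password=?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


def render_submitted(text):
    """Slide 11: HTML-encode on output so submitted text is shown, not executed."""
    return "Text Submitted: %s" % html.escape(text, quote=True)


def handle_error(exc):
    """Slide 13: keep the detail in the server log; the user gets only a code."""
    ref = uuid.uuid4().hex[:8]
    logging.error("ref=%s %s: %s", ref, type(exc).__name__, exc)
    return {"error": "Request failed", "code": ref}


def item_lookup(item):
    """Slide 12's 'Enter item' action; the items table is deliberately missing."""
    try:
        row = conn.execute("SELECT name FROM items WHERE name=?", (item,)).fetchone()
        return {"item": row[0] if row else None}
    except sqlite3.Error as exc:  # raw message would name the table and schema
        return handle_error(exc)
```

Comparing `build_unsafe_sql("myusername", PAYLOAD)` with `login("myusername", PAYLOAD)` shows the difference the deck is pointing at: the first puts `or 1=1` into the query text, the second returns no user.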

Editor's Notes

  1. Shahed Chowdhuri. Web Application Security: Overview; SQL Injection; Cross-Site Scripting (XSS); Data Exposure; In the Real World; Next Steps; Q&A
  2. Contact. Microsoft email: shchowd@microsoft.com; Personal Twitter: @shahedC; Dev Blog: WakeUpAndCode.com