defensive programming
play

DEFENSIVE PROGRAMMING Niall Merrigan Capgemini Norway When all you - PowerPoint PPT Presentation

Aug 26, 2023 •443 likes •976 views

DEFENSIVE PROGRAMMING Niall Merrigan Capgemini Norway When all you have is a mallet, everything looks like Justin Bieber If this text is too big you are sitting too close ASP.NET Resources OWASP Top 10 by Troy Hunt -

  1. DEFENSIVE PROGRAMMING Niall Merrigan Capgemini Norway

  12. When all you have is a mallet, everything looks like Justin Bieber

  13. If this text is too big you are sitting too close

  47. ASP.NET Resources • OWASP Top 10 by Troy Hunt - http://www.troyhunt.com/2011/12/free-ebook-owasp-top-10-for- net.html • Basic Security Practices for Web Applications - http://msdn.microsoft.com/en-us/library/zdh19h94(v=vs.100).aspx • ASP.NET MVC Security - http://www.asp.net/mvc/overview/security • Combating ClickJacking With X-Frame-Options - http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combati ng-clickjacking-with-x-frame-options.aspx • AntiXSS Toolkit - http://wpl.codeplex.com/ • ASafaWeb - https://asafaweb.com/ • ASP.NET Security Wiki - http://wiki.asp.net/page.aspx/27/security/

  48. IIS Resources • Security Guidance for IIS - http://technet.microsoft.com/en-us/library/dd450371.aspx • IIS Lockdown tool - http://technet.microsoft.com/en- us/library/dd450372(v=ws.10).aspx • URLScan – http://www.iis.net/learn/extensions/working- with-urlscan • IIS Configuring security - http://learn.iis.net/page.aspx/88/configuring-security/ • IIS Security Tools - http://www.iis.net/community/Security • Penetration Testing Tools list - http://projects.webappsec.org/w/page/13246988/Web%2 0Application%20Security%20Scanner%20List

  49. Image Credits 1. Security Fail - http://1121fail.blogspot.no/2010/01/fail.html 2. Fail - http://www.japemonster.com/funny-fails-new-selection-47-pics 3. Password - http://klaatu.anastrophe.com/index.php/2007/01/12/passwords-on-post-its-you-bet/ 4. Security Fail #2 - http://www.japemonster.com/funny-fails-new-selection-47-pics 5. Highscore - Gal - http://www.flickr.com/photos/83476873@N00/4116381 6. Twitter - http://joshhealey.org/wp-content/uploads/2012/08/Twitter-funny-cartoon-birds-image.jpg 7. Tank - http://cheezburger.com/3545425664 8. Norwegian Road Patrol - http://cheezburger.com/3833542912 9. G is for Goggles - Don -http://www.flickr.com/photos/60648084@N00/2349550374 10. Family - http://www.awkwardfamilyphotos.com 11. Hacker - http://trynerdy.com/wp-content/uploads/2012/04/hacker.jpg 12. Geek Ipad - http://sfnewtech.com/wp-content/uploads/ipad-geek.jpg 13. Door Slam - http://www.reactiongifs.com/tag/door-slam/ 14. [Taken in Paris (France) - 23Oct11] - philippe leroyer - http://www.flickr.com/photos/52499764@N00/6754312999 15. My favourite record - Mauricio Balvanera - http://www.flickr.com/photos/80039525@N00/491480800 16. Red 10 - darwin Bell- http://www.flickr.com/photos/53611153@N00/412631864 17. Illusion – http://www.cookdandbombd.co.uk/forums/index.php?topic=30742.120 18. Google It – Mez Love - http://www.flickr.com/photos/mezdeathhead/4533915662/ 19. The Nine - Daniel Kulinski- http://www.flickr.com/photos/7729940@N06/4000276979 20. What's your password - Michael Moore - http://www.flickr.com/photos/therealmichaelmoore/6055748207/ 21. Passwords are like underwear - http://thenextweb.com/shareables/2010/02/09/passwords-are-like-underwear/

  50. Image Credits 22. Password joke - http://www.freeduh.com/2011/10/05/i-asked-my-dad-where-the-children-came-from/sorry_about_the_idor/ 23. 8 Mosaic – LEOL30 - http://www.flickr.com/photos/lwr/101593950/ 24. Check – http://www.flickr.com/photos/yersinia/2982093881/ 25. Park 7 -Yersinia pestis - holeymoon - http://www.flickr.com/photos/81335564@N00/2004700172 26. Image, à la main, inconnu, ombre, 3456x2848 - http://xn--80aqafcrtq.cc/fr/?p=471951 27. Against the glass – http://www.fantom-xp.com/wp_23_~_Shadowgraph_desktop_backgrounds.html 28. 6 in six seconds – pshutterbug - http://www.flickr.com/photos/95565118@N00/922632392 29. IKEA YSOD - http://www.mikepope.com/blog/AddComment.aspx?blogid=1743 30. Yet Another Helpful Error - http://linkaider.com/category/hacks/ 31. 5 - svenwerk- http://www.flickr.com/photos/11864250@N00/369136782 32. This is Happening without your Permission - What What - http://www.flickr.com/photos/99136715@N00/32022937 33. Quatre - Kat... - http://www.flickr.com/photos/20195637@N00/2277229055 34. Me Burns - http://newarchivist.com/2009/10/01/three-things-i-didnt-learn/ 35. Three - Grant Hutchinson - http://www.flickr.com/photos/13522901@N00/59231687 36. the perfect drug - Dave Campbell - http://www.flickr.com/photos/19365001@N00/223731385 37. Cookie Monster - http://www.mobypicture.com/user/AmpleKing/view/6347653 38. Smiles and Rainbows - Pol Neiman - http://www.flickr.com/photos/37518559@N00/336380075 39. Cookie 2 – http://www.seriouseats.com/2007/07/photo-of-the-day-angry-cookie.html 40. A hit of the bubbly... – Adriane Dizon - http://www.flickr.com/photos/ev0luti0nary/7332541940/ 41. Gimp in a mask.!!! - DigiTaL~NomAd - http://www.flickr.com/photos/39865537@N03/4311168437 42. Bart Hiding behind a wall - http://www.wallpaperswala.com/bart-simpson/ 43. 1 - LEOL30 - http://www.flickr.com/photos/49968232@N00/305130907 44. Head in Hands - Alex Proimos - http://www.flickr.com/photos/34120957@N04/4199675334 45. I Know Who Dies! – Bart - http://www.flickr.com/photos/cayusa/891079569/

  51. Contact • Twitter: @nmerrigan • Blog: http://www.certsandprogs.com • Email – via blog Twitter Contact Details Resources

Recommend

Documentatio ion, , testin ing and debugg gging docstring defensive programming

Documentatio ion, , testin ing and debugg gging docstring defensive programming

Documentatio ion, , testin ing and debugg gging docstring defensive programming assert test driven developement assertions testing unittest debugger static type checking (mypy) Ensuring good quality code ?

448 views • 31 slides
11. Validation 1. Defensive Programming 1. Contracts 2. Reviews Prof. Dr. U. Amann 2. Tests

11. Validation 1. Defensive Programming 1. Contracts 2. Reviews Prof. Dr. U. Amann 2. Tests

Fakultt Informatik, Institut fr Software- und Multimediatechnik, Lehrstuhl fr Softwaretechnologie 11. Validation 1. Defensive Programming 1. Contracts 2. Reviews Prof. Dr. U. Amann 2. Tests Technische Universitt Dresden 1. Test

998 views • 73 slides
Handling errors 2.1 Main concepts to be covered Defensive programming. Anticipating that

Handling errors 2.1 Main concepts to be covered Defensive programming. Anticipating that

Objects First With Java A Practical Introduction Using BlueJ Handling errors 2.1 Main concepts to be covered Defensive programming. Anticipating that things could go wrong. Exception handling and throwing. Error reporting.

768 views • 49 slides
Better Prevent Than Cure - Defensive Programming Credits: Fresh Sources Inc. Instructor:

Better Prevent Than Cure - Defensive Programming Credits: Fresh Sources Inc. Instructor:

Better Prevent Than Cure - Defensive Programming Credits: Fresh Sources Inc. Instructor: Peter Baumann email: p.baumann@jacobs-university.de tel: -3178 office: room 88, Research 1 Cannot find REALITY.SYS. Universe halted. 320312

611 views • 27 slides
Exceptions Defensive programming Anticipating that something could go wrong Handling

Exceptions Defensive programming Anticipating that something could go wrong Handling

Exceptions Defensive programming Anticipating that something could go wrong Handling errors Exception handling and throwing Example: File processing Exception handling and throwing Java: try-catch-finally, throw, throws

420 views • 7 slides
KBC Investment Strategy Presentation Defensive July 2020 Investment strategy Defensive

KBC Investment Strategy Presentation Defensive July 2020 Investment strategy Defensive

KBC Investment Strategy Presentation Defensive July 2020 Investment strategy Defensive Investment climate Key rate trends and outlook The European and US economies are restarting relatively quickly. 3,0 3,0 High-frequency indicators

388 views • 11 slides
KBC Investment Strategy Presentation Defensive June 2020 Investment strategy Defensive

KBC Investment Strategy Presentation Defensive June 2020 Investment strategy Defensive

KBC Investment Strategy Presentation Defensive June 2020 Investment strategy Defensive Investment climate Substantial economic contraction, uncertain outlook Key rate trends and outlook 3,0 3,0 Initial estimates suggest that the euro

457 views • 11 slides
Outline CSci 5271 Bernsteins perspective Introduction to Computer Security Day 8: Defensive

Outline CSci 5271 Bernsteins perspective Introduction to Computer Security Day 8: Defensive

Outline CSci 5271 Bernsteins perspective Introduction to Computer Security Day 8: Defensive programming and design, Announcements intermission part 2 Stephen McCamant Techniques for privilege separation University of Minnesota, Computer

577 views • 5 slides
Buffer Overflow Vulnerabilities Exploits and Defensive Techniques Adam Butcher and Peter

Buffer Overflow Vulnerabilities Exploits and Defensive Techniques Adam Butcher and Peter

Buffer Overflow Vulnerabilities Exploits and Defensive Techniques Adam Butcher and Peter Buchlovsky 8. March 2004 University of Birmingham 1 Contents 1. Call-stacks, shellcode, gets 2. Exploits stack-based, heap-based 3. Defensive

1.56k views • 123 slides
Outline Return-oriented programming (ROP) Control-flow integrity (CFI) CSci 5271 More modern

Outline Return-oriented programming (ROP) Control-flow integrity (CFI) CSci 5271 More modern

Outline Return-oriented programming (ROP) Control-flow integrity (CFI) CSci 5271 More modern exploit techniques Introduction to Computer Security Announcements intermission Day 7: Defensive programming and design, part 1 Saltzer &

579 views • 15 slides
Sentinel Defensive Fund Fund Manager Quarterly Review November 2008 For professional adviser

Sentinel Defensive Fund Fund Manager Quarterly Review November 2008 For professional adviser

Sentinel Defensive Fund Fund Manager Quarterly Review November 2008 For professional adviser use only To watch over and guard Headlines Sentinel Defensive Fund Tough start for the Fund Sentinel Perfect storm Falling

202 views • 17 slides
A Simple Theory of Defensive Patenting Jing-Yuan Chiou March 2005 Working Paper Patent System

A Simple Theory of Defensive Patenting Jing-Yuan Chiou March 2005 Working Paper Patent System

A Simple Theory of Defensive Patenting Jing-Yuan Chiou March 2005 Working Paper Patent System as an incentive scheme Rewards are indirect, and are realized only under credible threat of enforcement The role of Defensive Patents: threat of

255 views • 8 slides
Defensive Coding Techniques (Pt. 1) Engineering Secure Software Last Revised: September 21, 2020

Defensive Coding Techniques (Pt. 1) Engineering Secure Software Last Revised: September 21, 2020

Defensive Coding Techniques (Pt. 1) Engineering Secure Software Last Revised: September 21, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1 Defensive Coding vs. Risk Analysis Risk Analysis All about domain, assets,

561 views • 24 slides
Intellectual Commons as a defensive response to the enclosure of knowledge. A critical view.

Intellectual Commons as a defensive response to the enclosure of knowledge. A critical view.

Intellectual Commons as a defensive response to the enclosure of knowledge. A critical view. Mikel Dez Sarasola Third International Conference on Cultural Political Economy 7-8 September 2017, Lancaster University, UK Emergence of multiple

309 views • 9 slides
Building an IPS solution for inline usage during Red Teaming Repurposing defensive technologies

Building an IPS solution for inline usage during Red Teaming Repurposing defensive technologies

Building an IPS solution for inline usage during Red Teaming Repurposing defensive technologies for offensive Red Team operations K. Mladenov A. Zismer { kmladenov,azismer } @os3.nl Master Students in System and Network Engineering University

692 views • 57 slides
Agenda Thinking about the concept Introduction Types of defensive technology

Agenda Thinking about the concept Introduction Types of defensive technology

Agenda Thinking about the concept Introduction Types of defensive technology Raising the bar Typical assessment methodology Attacks Examples Conclusion Thinking about the concept Were from South Africa:

833 views • 26 slides
Unfolding network communities by combining defensive and offensive label propagation Lovro

Unfolding network communities by combining defensive and offensive label propagation Lovro

Unfolding network communities by combining defensive and offensive label propagation Lovro Subelj and Marko Bajec Faculty of Computer and Information Science, University of Ljubljana September 20, 2010 1 1 Workshop on the Analysis of Complex

347 views • 32 slides
Power Lessons for the defensive employment of small air forces Ian Horwood, Niall MacKay &

Power Lessons for the defensive employment of small air forces Ian Horwood, Niall MacKay &

Concentration and Asymmetry in Air Power Lessons for the defensive employment of small air forces Ian Horwood, Niall MacKay & Christopher Price Technical limitations of interwar air defence Chain Home radar station Continuity in British

797 views • 42 slides
Naval Postgraduate School C4I Architecture Supporting Conduct of Defensive and Offensive Joint

Naval Postgraduate School C4I Architecture Supporting Conduct of Defensive and Offensive Joint

Naval Postgraduate School C4I Architecture Supporting Conduct of Defensive and Offensive Joint ASW Presented By: Gregory Miller Bill Traganza Matthew Letourneau Baasit Saijid 28 Oct 2009 (based on report # NPS-00-001) 1 Team Members

415 views • 30 slides
Defensive Driving Alive at 25, 2 nd edition William Margaretta President New Jersey State

Defensive Driving Alive at 25, 2 nd edition William Margaretta President New Jersey State

Defensive Driving Alive at 25, 2 nd edition William Margaretta President New Jersey State Safety Council Program Overview Long Term Goal : To reduce the number of violations, injuries and fatalities incurred by young drivers between the

190 views • 16 slides
Brookdale Defensive Long Only Strategy Overview: The Investment Manager believes that company

Brookdale Defensive Long Only Strategy Overview: The Investment Manager believes that company

Brookdale Defensive Long Only Strategy Overview: The Investment Manager believes that company fundamentals are not nearly as volatile as stock prices, and this may provide a compelling opportunity. In this regard, stocks generally become

108 views • 9 slides
The value of bidding on Edition your brand terms An offensive and defensive strategy for digital

The value of bidding on Edition your brand terms An offensive and defensive strategy for digital

Retail The value of bidding on Edition your brand terms An offensive and defensive strategy for digital marketers There is an ongoing debate about the inclusion of brand name keywords in search marketing campaigns. Performance of brand name

544 views • 37 slides
The value of bidding on Edition your brand terms An offensive and defensive strategy for digital

The value of bidding on Edition your brand terms An offensive and defensive strategy for digital

Travel The value of bidding on Edition your brand terms An offensive and defensive strategy for digital marketers Theres ongoing debate about the inclusion of brand name keywords in search marketing campaigns. Performance of brand name

630 views • 39 slides
CASE 1: GRAFT TYPE IMPLICATIONS 17 y/o senior defensive back Injury in 7 v 7 in June

CASE 1: GRAFT TYPE IMPLICATIONS 17 y/o senior defensive back Injury in 7 v 7 in June

CASE 1: GRAFT TYPE IMPLICATIONS 17 y/o senior defensive back Injury in 7 v 7 in June Already signed with an large D1 program & will early enroll No other significant injury history IMAGING MRI BONE BRUISING HOW DOES

563 views • 20 slides

More recommend