Microsoft Community Techdays

The Agenda

Fundamentals of Security: 40 Minutes
Common attack patterns, data classification, and security data in storage/in transit

Authentication: 40 Minutes
HTTP Basic/Digest/Kerberos, forms authentication, and .NET framework identities and principles

Authorization: 40 minutes
Common authorization techniques, principles of least privilege net role based security, and code access security

Input Handling: 120 Minutes
Cross-site scripting (XSS), persistent XSS, non-persistent XSS, SQL injection, one-click attacks, XML and XPATH injection, canonicalization issues, file upload/creation, and exception management

Logging & Auditing: 20 minutes

Q&A: 30 Minutes