Bitcoin is a cryptocurrency, but what does that mean? How is mathematics used to protect your Bitcoins and your identity? What is the long-term outlook for the level of cryptography that is used by Bitcoin before anyone with commodity hardware can crack the codes? This session attempts to answer those questions while providing a primer of how cryptographic hashing algorithms and elliptic curve digital signature algorithms work, and how they have been broken in the past.

With security attacks on the rise, protecting your applications and data is more of a necessity than ever before. We’ll discuss some of the features provided by Visual Studio and the .Net framework, such as Dotfuscator, SignTool, and encryption tools. In addition we'll look at other protective measures such as early intrusion detection, mitigation, and Social Engineering. These are topics not typically covered in other security presentations or material.

Following the quick start examples it is trivial for a developer to stand up a new ASP.NET MVC application and use ASP.NET identity to handle user authentication and authorization. However, following these tutorials there are many important details that are left out. How do you work within a single DB Context? How do you share your data model with a project outside of ASP.NET MVC? How do you use Dependency Injection with Identity? How about displaying the users name on each page load?

This talk goes into all of the details that you need to truly SUCCEED with ASP.NET MVC and Identity. By sharing a big set of lessons learned, and other helpful insight your next project should be much easier to get off the ground!

Ever wonder how a code obfuscator works? Are you curious to see what happens when it alters the compiled code of an application? We’ll look at one of the most popular .NET obfuscators, Dotfuscator Professional from Preemptive Solutions. It has a lot of features found in other similar applications like code injection, method renaming, and string encryption, and we’ll look at how those affect the code along with problems they cause. Along with this, there are new features which help prevent tampering and debugging we’ll explore in additional seeing how it can phone home in the event of an attack. Of course, no talk on security would be complete if we didn’t explore how to bypass some of those counter measures too!

Being a major player in the FinTech space we take protecting our client’s information seriously. Client information must be protected as it flows from system to system but also when it comes to rest (where it is stored long term). Even if those systems aren’t even written in the same technology. Encrypting data presents some very unique challenges like scalability and performance since every system upstream and downstream needs to call the system. It is something that always needs to be on, perform at high scale, and yet still be easy to use and integrate with for other development teams. In this session I’ll walk you through how we built an encryption platform from the ground up, some technologies we used, why we chose them and how developers use the platform using one of our open source frameworks.