I'll be doing a reprise of my DevDays 2004 presentation on "Defenses and Countermeasures" for the Columbia, MD ASP.NET Professionals User Group on Tuesday, May 4, 2004.
Here is the Official Blurb:
Date: 5/4/2004 6:30pm-9:00pm
Topic: Defenses and Countermeasures - Secure Your ASP.NET Applications from Hackers
Location: 8850 Stanford Blvd, Suite 4000, Columbia, MD 20723
Description: Secure Your ASP.NET Applications from Hackers
This session presents countermeasures to defend against threats. Topics include input validation; best practices when working with Microsoft SQL Server™, including the use of parameterized commands, stored procedures, accounts with limited privileges, Microsoft Windows authentication versus SQL Server logins, and secure storage of connection strings; HTML-encoding of user input; vulnerabilities specific to ASP.NET forms authentication and forms authentication cookies; use of encrypted view state rather than hidden fields to maintain state between requests; storage of password hashes rather than passwords for added security; and more.
Please stop by and say hello if you are in the area. I won't be under the strict time constraints that I was under for the DevDays presentation, so my hope is that it will be a more interactive session. BTW, I've presented to these guys before, so I KNOW interaction won't be an issue :-)