Want to download the mobile app for SDD 2017?

iPhone and Android users click here: https://attendify.com/app/xbhfom/
Windows Phone users click here: http://xbhfom.m.attendify.com/

SDD 2017 Schedule

Coding Level
This is a rating on a scale from 1 to 5 to indicate how much demo coding the session will contain (as opposed to slides) – 1 means no code demos, and 5 means nothing but.

Advanced Level
This is a rating on a scale from 1 to 5 to indicate how advanced the session is (in terms of the specific topic that is being covered) – 1 means that it’s introductory, and 5 means that it’s aimed at attendees who already have significant experience in the relevant area.

Thursday 18 May 2017



Track 5

Auditorium 1

Web application security: lessons learned

Coding Level 3
Advanced Level 3

No week passes without another successful high-profile attack against a well-known website. The reason is not only that old vulnerabilities still exist, but also that bad guys came up with new approaches to mess with a web site. We will have a look at some recent events that made the news, and dissect what went wrong, and what we can do about it for our applications.

You will see old attacks with a new twist, and modern ways to mess with a site. This includes a (fixed) vulnerability in a Microsoft framework, a successful historical attack against a social network, and many more.

Christian Wenz

Christian Wenz


Christian is an author, consultant and trainer focusing on web technologies and web application security. He has written or co-written over 100 books, including Professional ASP.NET 4.5 (Wiley) and JavaScript Phrasebook (Sams), and authored several courses for Pluralsight. Christian has spoken at many international developer conferences over the last fifteen years, including TechEd Europe, DevConnections, NDC, Techorama, BASTA!, and many more. He's a Microsoft MVP for ASP.NET and ASPInsiders member, and a co-founder of digital agency Arrabiata Solutions with offices in several European countries. http://www.arrabiata.co.uk  @chwenz

Other presentations by Christian Wenz

Return to full conference agenda