2-Day Security Workshop at Redmond WA May 6-7


Security has become one of the core requirements for software products; secure products increase software reliability and reduce software maintenance costs by minimizing software security vulnerabilities. The need to protect critical data, infrastructures, and the need to build and preserve widespread trust in computing is paramount for independent software vendors.


US ISV Team, SecureIT Alliance and Platform Marketing are hosting a 2 day security workshop on Microsoft campus in Redmond, WA. Information Security team (ACE) will create and deliver this high value application focused security content. As a valued ISV partner we would like you to invite to this workshop. The seats are limited and we will register on first come first serve basis, please register as soon as possible.


Event:                    Security Workshop
Date & Time:          May 6th /7th 2008, 8:30 am to 5:30 pm
Location:                Building: REDW-E Emerald Auditorium – 5600 148th Avenue N.E.REDMOND, WA 98052


Registration:  http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032374745&culture=en-US


Agenda
















































Time


Day 1 (May 6th)


Day 2 (May 7th)


8:30 am – 9:00 am


Registration / Breakfast


Threat Modeling


 


Talk about the benefits realized through a Threat Modeling in the early design phases.


 


9:00 am -10:00 am


Key note


Security landscape and trends. Talk about general security/privacy trends in the software industry.


10:00 am – 10:15 am


Break


Break


10:15 am – 11:45 am


Writing secure code with Microsoft Vista


Overview of the security enhancements programmers should understand for Vista. Special attention to UAC and new crypto.


Programming with ADFS


Review the basic tenants of implementing federated identity into a program. Discussion about the new Geneva CTP


11:45 am – 12:30 pm


Lunch


Lunch


12:30 pm – 2:00 pm


Integrating CardSpace into an application


Explain what CardSpace is, what traditional attacks it mitigates, and how it follows the ‘laws of identity’. If possible, talk about our work with and integration with the OpenID Initiative.


MOSS (Microsoft Office SharePoint Server) Security


How to secure your MOSS infrastructure and implement best practices to write secure applications on top of MOSS.


2:00 pm – 2:15 pm


Break


Break


2:15 pm – 3:45 pm


WPF and SilverLight Security


Talk about the way SilverLight security works. Discussion on WPF and Silverlight2.0 Security.


SQL 2008 Security Enhancements


High level overview of SQL 2008 security changes, with emphasis on column level encryption and key protection hierarchy.


3:45 pm – 4:00 pm


Break


Break


4:00 pm – 5:30 pm


Secure your Web Apps Application Services


Explore various providers, including Active Directory, How to write your own log in control in ASP.NET AJAX


How to integrate a custom log in control with Silverlight 2


WCF Security


Basic tenants and foundations of WCF security, the different security bindings, and examples on their use (assumed basic knowledge of WCF)


 


 


We look forward to seeing you at the Security Workshop.