Whether you call them "Metro apps," "Windows 8 Design-Style apps," "RT apps," or "modern apps," the new class of applications for Windows 8 and later tablets are not only here to stay, they also offer some interesting advantages and challenges for IT pros. Much has been written about modern apps, but 99% of that was written with developers in mind. That makes a certain amount of sense, as no one is going to ask us IT pros to support software that hasn't yet been written, but given that the Windows Store added its 100,000th modern app back in July of 2013, it's reasonable to assert that the time has come for IT pros to know more about the members of the six-figure army. How are they structured? ARE they more secure? Where are they stored? What options do you have to deploy them? What about "sideloading," the method to roll out home-grown line-of-business apps? Join us for an informative, entertaining, and real-world look at the latest crop of Windows apps!
Today we are able to see a clear shift in how enterprises are targeted by malware engineers. The attack landscape has adapted to the new world and they now perform targeted attacks, especially over the social networks. Because guess what? The CEO, CTO, or even the girl next door has a social network account. Join this session and explore how social engineering has grown over time and examine lessons learned from the field on how to best mitigate those traps.
Everything in the OWASP TOP 10 is covered in this session, including: Injections, Broken Authentication and Session Management, Cross-Site Scripting (XSS), Insecure Direct Object References, Security Misconfiguration, Sensitive Data Exposure, Missing Function Level Access Control, Cross-Site Request Forgery (CSRF), Using Components with Known Vulnerabilities, Unvalidated Redirects and Forwards.