Christian Wenz is an author, consultant and trainer focussing on web technologies and web application security. He wrote or co-wrote over 100 books, is a fixture at international developer conferences since 2001, and is the lead author of the Zend PHP certification. His day job at Arrabiata Solutions includes conducting security audits, migrating old code bases, implementing complex web applications and helping companies choose the right mix of web technologies.
English session - Intermediate
Since almost 25 years, Cross-site scripting (XSS) is one of the most common risks for web application. Yet today, there are many ways to protect a web application from the attack: browser features, HTTP headers, and special APIs. This talk first discusses why XSS is dangerous at all and then covers countermeasures: Content Security Policy, Trusted Types API, and protection in SPA frameworks. After this talk, there's (almost) no excuse to get XSS.
English session - Beginner
On November 8, 2022 .NET 7 was released. As a part of this new version with 1.5 years of support, the web frameworks ASP.NET Core and Blazor were updated. This session will showcase the major new features that were added, including many live demos. Especially when currently using .NET 6, an upgrade to .NET 7 is optional, so you should know whether the new possibilities are worth the migration.