Are You Securing Your Rich Client Apps on the Server? An Introduction to Web API Security

  • Date: September 6, 2013 from 11:30AM to 12:45PM
  • Day 4
  • Meeting Room 6
  • DEV233A
  • Speakers: Troy Hunt
  • Avg Rating: 0

  • 12,811 Views

Download

Right click “Save as…”

Slides (view online)
Today's modern apps are increasingly moving towards richer experiences on the client as Windows Phone and Windows 8 apps become increasingly popular. Far from being the rich client apps of yore, today's modern client apps are highly interactive with back end services and there's no better way to deliver these than via Web API._x000D_ The web poses all sorts of online threats which put not just our browser based apps at risk, but those consuming from web services as well. This includes everything from the threats posed by a man in the middle to weaknesses in authentication and authorisation schemes. What's more, the risks tend to be more out of sight in the API world as they're not as highly visible as websites loaded in the browser. But make no mistake, cyber attackers can easily sniff out insecure API implementations and many of them are being readily exploited._x000D_ This session introduces attendees to the security paradigms available to them in Web API and consumable through Windows Phone and Windows 8 apps. It provides them with essential knowledge to ensure that the server interactivity provided to them within this new rich client world is properly secured at various levels as the principles of 'defence in depth' are applied.
For more information, check out these courses on Microsoft Virtual Academy:

Follow the Discussion

Comments Closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums,
or Contact Us and let us know.