About Show #41
Richard and Greg talk to Dominick Baier about what it takes to secure an ASP.NET 2.0 application. The conversation ranges across least-privlege programming, involving security at the design point and why SSL should be on by default!
Dominick Baier is an internationally recognized expert for security of .NET and Windows applications. He supports companies worldwide with design and implementation of security features in their software as a security consultant at thinktecture (www.thinktecture.com). As one of the few "Developer Security" Microsoft MVPs , he works directly with various security teams in Redmond. One of the offsprings of this cooperation is the book "Developing More Secure Microsoft ASP.NET 2.0 Applications" which quickly became the book for ASP.NET security. Dominick also leads the security and WCF curriculum at DevelopMentor (www.develop.com). You can find a wealth of security related resources as well as conference slide decks and tools/sample code at Dominick's blog at http://www.leastprivilege.com.