SDD Conference 2016 – A Look Back at Day 3

4apr16_221333       It’s my last day at this years SDD Conference. Time flies when you are having a great time and learning some cool stuff. Laptop & tea? Check. Lets get on with it!

 

IMG_5829A Security Testers Toolbox – Niall Merrigan

Twitter: https://twitter.com/nmerrigan

The “don’t try this at home kids, GCHQ will come knocking on your door” session. I think this has been one of the best sessions for me at this conference. Niall does a great job presenting, but the content is something that like many I have glazed over in the past. However, it seems so simple these days to break things and hold you to ransom I figured I needed to know a bit more. I am so glad I attended this session. Not only did Niall provide some simple examles of how ‘people’ are the weakest link in any attack, he also provided some working examples of how you can attack your own systems and look for vulnerabilities. The worrying thing is how simple this really is. The green text on black screen, cutting c++ code is just not the truth. You can download a set of tools and be up and running in under an hour – and all for free. A very educational and worthwhile presentation. It would be fantastic to have Niall return next year and do some more workshops – perhaps even, to talk at the keynote?

 

IMG_5831Advanced C# : Functional Craziness In Your favourite Language – Oliver Sturm

Twitter: https://twitter.com/olivers

I’ve seen Oli before and his presentations are always good. It helps that he works with DevExpress, whom I am more than familiar with (I’ve been a customer for over 4 years now). His presentation was about functional programming, functional modularization and Monads. Functional programming was an interesing discussion. Write code that does one thing, takes input and produces an output. Don’t go off and do loads of other things as well, because then you create side-effects. Oli showed us a method that had been implemented and then showed us a different version of the method, written in a different structure, with the Pure Function idea in mind. Certainly a lot cleaner and easier to read. The topics functional modularization & currying were interesting but I think I might need to spend a fair bit more time reading up on the topics to be able to get the most out of it!

 

IMG_5833Serilog – The Best Logging Library for .NET You’ve Never Heard Of – Daniel Plaisted

Twitter: https://twitter.com/dsplaisted

I was interested to see what this logging framework was all about, because (a) I like Log4Net and (b) I had never even heard of Serilog. Serilog was actually written by a colleague of Daniels to get around all the annoying problems that exist in the other logging frameworks. It is free (great!) and is based upon semantic logging, meaning, it will log objects, to just about anywhere you want. Being able to log objects themselves makes this so much easier to use and personally, would make my life easier. Serilog is available via NuGet so its easy to install. You simply then instantiate an ILogger and then you are ready to start using it. From what I saw it looks really good, mainly because you can just throw an object at it and it will like each property and value. For example, throwing the size property of a Windows Form at it, it will log the Width=123, Height=123 simply by you asking it to logger.information(Form1.Location). Pretty impressive right? I think I will be giving it a go to be honest, I haven’t been very happy with Log4Net in my projects.