Hugh Wood from Rencore: Development best practices for a new development world (ESPC 2017, Dublin)
24 Nov 2017•0 j'aime
Soyez le premier à aimer ceci
Nombre de vues
À partir des intégrations
Télécharger pour lire hors ligne
Hugh Woods' ESPC session included great tips on avoiding the security pitfalls of Apps and SPFx, understanding browser, API and framework performances, and good practices for a maintainable coded solution.
CORRECTNESS / APPROPIATENESS
Is SharePoint the solution?
Are all functional points going to be covered?
Can you deliver with the new technologies restrictions?
Response and throughput
rate of the system
What resources and how much of
the resources will be used during
operation and installation
Check the maximum storage or
users, and the maximum limits
of the proposed solution
• Server dependency on requests / second
• End user machines, including mobile
• Network speed and latency
• Multiple framework versions on a single page
- Namespace React/Redux instances
- Global variables are always in a Namespace
• API tokens
- Multiple parts using the same remote API
• External connections
- Connections aren’t greedy
Degree user can recognise the system
is appropriate for their needs
Degree of simplicity to learn
how to use the system
Simplicity of use
This is the Pre-Title Screen.
Please do not place any content on this screen.
To add your image, first delete the place holder image as shown in the white box.Then insert your picture and scale it to be bigger than the size of the white box shown.Finally, right click on your image and select ‘Send to back’ – your image should now be framed correctly.
Please add co-speaker image directly below, if applicable
Cost of a databreach up by 23% now at an average of £3.11
“covert channel communication attack” which exploits a cdn to covertly transmit information from source that can be intercepted, creating a backdoor into the system
“edge server bypass” when incorrect certificates are used the attacker can redirect requests away from cache servers to a selected server to upload a script of their choosing“amplify” a denial of service attack which prevents access to edge servers overloading the main source bypassing cdn protection
“end-to-end” this attack combines the previous two attacks to gain control over the target site
“burst attack” burst attack a system and intervals to prevent metric flood detection of cdn security