Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

Kentico CMS 7 - Security improvements

1 486 vues

Publié le

Kentico takes security seriously and security improvements are an important part of any new release. Password expiration and policy enforcement, are just a few of the new security improvements in Kentico CMS 7. in this interactive and demo filled session we looked at the new security improvements in Kentico CMS 7.

Publié dans : Technologie
  • Soyez le premier à commenter

  • Soyez le premier à aimer ceci

Kentico CMS 7 - Security improvements

  1. 1. Kentico CMS 7: SecurityimprovementsDominik Pinter, dominikp@kentico.com
  2. 2. Agenda• New features• New system protections• Improvements of existing features• Tips, hints, best practices
  3. 3. Have you met Sean?• Sean, agent 00111• Security expert at XYZ company
  4. 4. Users accounts are in danger!Task #1: Sean, make user accounts as secure as possible- Passwords: password format, password policy, password expiration, forgotten passwords retrieval, password hash salt- Disabling autocomplete- Invalid logon attempts- Delete all testing users before production!- Emergency reset of Administrator password - CMSAdminEmergencyReset web.config key
  5. 5. What about user sessions?Task #2: Sean, mitigate a risk that someone cansteal user session.- Session attacks protection- Clickjacking protection- Screen lock
  6. 6. Modules, modules, modules …Task #3: Sean, don‘t forget about the modules!- E-mail confirmation for subscription – Newsletters, Forums, Blogs, message boards- ASCX layouts protection- Reporting module protection- Web parts: Where, OrderBy
  7. 7. Q&A
  8. 8. Thank you http://www.kentico.comhttp://devnet.kentico.com dominikp@kentico.com

×