Stephen Haunts : Cryptography in .NET with Key Management in Azure Key Vault

This is a past event

14 people went

Location image of event venue


.Net Cryptogrphy

Not encrypting your data is a risky move and just relying on hope that you won't get hacked and compromised is not a strategy.

As a software developer you have a duty to your employer to secure and protect their data. In this talk, you will learn how to use the .NET Framework to protect your data to satisfy confidentiality, integrity, non-repudiation, and authentication.

This talk covers random number generation, hashing, authenticated hashing, and password based key derivation functions. The talk also covers both symmetric and asymmetric encryption using DES, Triple DES, AES, and RSA. You then learn how to combine these all together to product a hybrid encryption scheme which includes AES, RSA, HMACS, and Digital Signatures.

Azure Key Vault

In a world where we are putting our companies data in the cloud, the protection of that data against a data breach has never been more important. In this talk I will show you how to setup and use the Microsoft Azure Key vault to protect your encryption keys and secrets like passwords and connection strings. Azure Key Vault uses the power of Hardware Security Modules (HSM's) to protect your secrets and make sure your solutions are as secure as they can be when working in regulated industries like healthcare, financial and insurance.

As well as showing you how to setup and configure the vault, I will show you how to code against it and various different patterns for security in a cloud base multi tenant environment. I will cover topics like:

* Setup Azure key Vault
* Authorize your application to access the vault with AzureAD
* Accessing the vault from your applications
* Using the Vault to wrap local encryption keys for performance
* Encrypting connection strings as Key Vault secrets to get flexible database routing in the cloud
* Audit logging for compliance

Once this talk is finished you will walk away with everything you need to start using Azure Key Vault today.

About Stephen Haunts

Stephen Haunts is an independent software developer, Pluralsight Author, Writer for APress, and classroom trainer. Stephen has had a long career working in computer games, banks, retail finance, insurance and healthcare and is now passionate about helping other developers, and professionals succeed in their careers.

Stephen has authored over 19 courses for Pluralsight, written a book on Cryptography for APress, and has spoken and taught workshops at conferences and companies all over the world.

Stephen is also the host of the popular business podcast, the Side Hustle Success Podcast.