Andrew Clymer
Co-Founder, Managing Director at Rock Solid Knowledge
Bristol, United Kingdom
Actions
Andy has programmed professionally in various languages, including 6502 assemblers, C, C++, Java and C#. He’s a co-founder at Rock Solid Knowledge, where he’s responsible for managing the Identity and Access Management Division, and growing the company’s product portfolio utilising a range of technologies including web, mobile and Umbraco CMS.
Over the years Andy has trained thousands of software developers, spoken at dozens of technical conferences, and is the co-author of Pro Asynchronous Programming with .NET, published by Apress.
Links
Area of Expertise
Why Passwords should be banished to room 101
During this talk, we will discuss why securing the digital front door with passwords and conventional MFA is not best practice. What we should be doing is adopting Passkeys the new kid on the block adopted by Amazon, Google, Apple and Microsoft, the only non-multi-factor authentication that can not be phished, is not vulnerable to a data breach and provides a frictionless experience for the user.
Ten OO design patterns every developer should know in 90 minutes
Open your mind to the wonderful world of Object Orientated Design Patterns. Every OO developer should carry this virtual toolbox around in their head. In this talk, you will perhaps discover new patterns or re-discover existing techniques and learn the associated pattern vocabulary so you can effectively communicate with other developers. This will be a fast-action talk with a lot of code and an immersive deep dive into the world of design patterns.
Lets Stop Programming like 2017
Many developers have been programming in C# since its conception in 2002 and have been embarrassed and quick to adopt the new language features as each new version of C# has been deployed. But since C#7, adoption has possibly slowed down. Many new features, such as records, pattern matching, and required members, are often ignored in favour of how things have always been done. During this talk, we will look at various programming techniques before C#8 and see how we can transform them into modern C#.
How secure is your digital front door?
Protecting access to digital systems requires some form of authentication. With attackers becoming more sophisticated, staying ahead of the curve is more important than ever to prevent account compromises. During this talk, we will discuss what a modern login experience should look like and behave, including
* Minimize the effect of a credential store data breach
* How to Spot and Resist Attacks
* What is multi-factor authentication, and why is email not one of them?
* RIP Passwords, and adopt Passkeys
Finally, we will discuss account recovery, the new attack vector.
After this session, you will know how to build a secure, low-friction login experience for your users.
Essential OO Design Patterns every developer should know
Open your mind to the wonderful world of Object Orientated Design Patterns. Every OO developer should carry this virtual toolbox around in their head. In this talk, you will perhaps discover new patterns or re-discover existing techniques and learn the associated pattern vocabulary so you can effectively communicate with other developers. This will be a fast-action talk with a lot of code and an immersive deep dive into the world of design patterns.
Async and Await, How it works
During this talk, we will examine the origins of async/await. Demonstrate some effective use cases for why it is so important to both client-side and server-side programmers. Visits some of the common gotchas using async and await. We will uncover the mechanics of how it works, thus arming you with the knowledge to work effectively with async/await including asynchronous streams.
Asynchronous programming
Asynchronous programming is being pushed further into the mainstream with the introduction of the C# async and await keywords. It is therefore becoming more and more important that when we write libraries for our own application stack we pay attention to which functionality should be async in nature..
During this intensive workshop we will do a deep dive into how these new features work, and into the mechanics of how best to deliver asynchronous functionality into your applications.
We’ll focus not only on asynchronous compute but also on asynchronous IO, and look at some of the newer features async streams and ValueTask
The two speakers co-authored the Apress book Pro Asynchronous Programming with .NET.
Authorization the next frontier
The authentication problem is now solved; application developers no longer build login screens; they delegate it to a Single Sign-On solution. So what about authorization (what a user can do)? Can we delegate that behaviour, too?
During this talk, we will look at various ways of delivering authorization to your .NET application: Access Control Lists, Role Based Access Control (RBAC) and Attribute Based Access Control (ABAC). We will discuss the pros and cons of not embedding authorization decisions inside your application logic, reducing the administration overhead by making security decisions on ambient business data and using dynamic policies to remove the risk of birth rights and finally, looking at how easy it is to prove to all stakeholders, both technical and not, that the application implements the expected authorization decisions.
Andrew Clymer
Co-Founder, Managing Director at Rock Solid Knowledge
Bristol, United Kingdom
Links
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top