2017 AIM HDC

You have questions:

• Is WebForms dead?
• What’s next for MVC?
• How and why is the .NET Framework evolving?
• Why do I need a core JS Framework in ASP.NET stack?
• Pros and Cons of popular JS Core Frameworks?
• Do I need JS frameworks for my UI?
• Which Package Manager do I use?
• Why should I care about Transpilers?
• Why do I need to consider Build automation?
• How much is CLI and what can I do visually?

As the success of the modern web impacts the ASP.NET stack, let us take a closer look at real-world technology stacks with ASP.NET Core. Let’s tackle the hard questions!

Microsoft changed the software development landscape when they announced and then released the open-source and cross-platform version of the .NET framework, named .NET Core. Most developers celebrated, knowing their options for development tooling, production stacks and target environments just got much broader.

But how do we know if this new open-source framework is ready for prime time and is a good fit for our project? In this breakout session, Agilx CEO Dustin Clonch will examine this choice from a planning and architecture standpoint, while CTO Jeff Hale will cover some of the technical challenges, available tooling and libraries, and development resources associated with Core.

If you are a hard core .NET developer looking to jump into Core, this session is for you.

Today's popular JavaScript frameworks offer powerful models for creating components. But are you designing your components for reuse? Whether you're working in Angular, React, Knockout, Ember, or native web components, there are universal principles to consider for creating truly reusable components. This session explores the current state of JavaScript components and the hard lessons learned from publishing a suite of reusable JavaScript-based components at Cox Automotive. It's time to stop reinventing the wheel!

Many of us have been there before... You deploy your brand new web site to production, you know, the one that's going to make your company rich and you famous, and just as you're about to hit a thousand users, the site comes crashing down! If you haven't experienced this, chances are you know someone who has.

If you're building web apps and services for your organization you know how important it is to ensure those services are always up and running. While many of us go through great lengths to ensure we are testing the functionality of our systems we do not always take performance or system load into account.

Visual Studio Team Services (VSTS) provides multiple options and avenues for enabling performance and load testing for your systems. For example, did you know that VSTS also supports JMeter tests? With VSTS you can even run performance tests using on-premises servers in your own data center. This talk will give you an overview of the performance and load testing capabilities of VSTS. If you haven't looked at the load testing features of VSTS lately, you should definitely check out this talk!

Don’t wait until the end of your project to do security testing. Teams are automating manual tasks such as build, deployment, and functional testing. Security should be no different. Transform security from afterthought to continuously validating security every step of the process. In this session you will see how your CI/CD pipeline can perform continuous validation with every check-in including code analysis, OSS security scanning, and automated penetration testing using VSTS and OWASP ZAP Docker containers. Learn how continuous security validation, along with secure infrastructure, application, and monitoring can ensure your applications stay secure.

The Backends for Frontends (BFF) pattern is the creation of a dedicated backend service for each frontend experience. This means that every app, website, and desktop client will each have their own server-side backend. This is a departue from general purpose server-side APIs, which process requests from all clients with the same backend code.

Adherence to this pattern can increase developer happiness, allow for more flexible orchestration of multiple backend services, allow for more graceful feature degradation, and allow for more options when integrating 3rd-party services.

This presentation will cover:
- A detailed description of the pattern
- How the pattern differs from "traditional" service oriented architecture
- Developer benefits, including increased functionality ownership and team autonomy
- Architecture benefits, including increased backend flexibility

Demo code will also demonstrate the developer and architecture benefits of the pattern.

The pattern can be implemented on any technology stack, and the presentation slides will be stack-agnostic. Demo code will be themed around an eCommerce problem scope and presented in C#.

Docker has the potential to revolutionize how we build, deliver, support and even design software. But it doesn't have to be a violent revolution. The end goal might be breaking your existing ASP.NET monolith into microservices which run cross-platform on .NET Core, but the first step can be as simple as packaging your whole .Net Framework application as-is into a Docker image and running it as a container.

In this session I'll take an existing ASP.NET WebForms application and package it as a Docker image, which can run in a container on Windows Server 2016 and Windows 10. I'll show you how to run the app and a SQL Server database in Docker containers on Windows, and how to use Docker Compose to define the structure of a distributed application.

Then I'll iteratively add functionality to the app, making use of the Docker platform to modernize the monolith without a full rebuild. I'll take a feature-driven approach and show you how Docker makes it easy to address performance, usability and design issues.

Angular Universal is a platform and set of tools that empowers developers to pre-render or server-side render their Angular applications. In this session we'll cover when using Angular Universal makes sense, the different implementation patterns, and the architecture for the demo application. The demo application is a simple home dashboard that receives real time events from various "devices" in your home. Using this demo application as a reference, we'll step through the key components of the Angular Universal application and cover the life cycle of the project from setup to deployment.

The code examples presented in this session might be related to a basic dashboard, but the patterns and lessons can be easily translated to real world use cases where you can leverage the lessons learned.

Denial of Service isn't sexy. It isn't the mysterious shell code that when sent into a program magically turns it into a root shell. It's the ugly red headed step child of infosec because everyone knows how it works. Some attacker sends a ton of traffic into your application and it goes down. That's the end of the story right?

Wrong. Sure that's how the most "glamorous" DDoS attacks that hit the newspaper work, but with modern applications using REST Services, 3rd party libraries, and commercial API services a new scary type of DoS is quickly gaining in popularity. The Financial DoS. The one attack where the goal ISNT to disrupt the availability of your application through technical overload. The goal with a Financial DoS is to completely use up your company's budget. This is the attack that really costs.

In this session, we will discuss exactly what this attack is, how it works, and most importantly how development teams can architect this problem away.