Rants about software topics and Method Development news.
Back on March 9th of this year (2020), Method Development celebrated 15 years of building software for local and national businesses and nonprofits. In our 15 years, here are just a few thoughts and things we have learned that have helped in our success:
Building custom software can be a big undertaking depending on the requirements of the project. Many times businesses begin building software only to have the project fail because the process was not designed or managed properly. Here are 4 key items you should strive towards when starting a software project to get better software.
Started using Visual Studio 2015 on Windows 10 this weekend, did a clean install. Started bringing in some of our current projects and could not get them to run with a local cert (ssl) on the new IIS Express 10.0. Only seemed to be an issue with Firefox and Chrome, not Microsoft Edge.
If you prefer to use Entity Framework, more power to you. After developing my SQL skills for years it just feels "odd" to give them up for what I consider minor convenience. I'm sure that this is some sort of holy war discussion that really, I'm not interested in participating in. Given that, there are some of us out here in the wild that don't want to use ORM's like Entity Framework (or any other for that matter, except of course Dapper). So when I found out that the new security model for ASP.NET called "ASP.NET Identity" had a dependency on EF, I needed a way to remove it.
OWASP ZAP is an excellent (FREE) tool to test your website for common security issues. It has a large library of plugins and an what seems to be an active community. Although the tool has an active attack method, I prefer the passive attack method as you can use the site as you normally would. Although tutorials do exist on how to get started, I personally had difficulty finding them or knowing what I was even looking for when I first started. Especially related to passive security scanning. The interface isn't the most "intuitive", so I figured I would write these instructions for anybody encountering the same problems.