I could only get to Tim Ewards session on RESTful services in ASP.Net MVC yesterday as I had a prior engagement else where. It dovetailed in quite well into the previous day's session by Fritz Onion.
I attended sessions on a mix of different topics today which weren't necessarily what I'd originally choose but my appetite had been wetted over the last couple of days.
I wandered in a little late into Keith Browns' session on securing ASP.Net applications to find him going through the rudiments of a SQL-Injection attack. Without trying to sound conceited, I was thinking "I know all this, have I wasted a session here?" but the thought soon passed as he began to introduce facets of cross-site scripting I had never considered and a new concept to me, the Cross Site Request Forgery (CSRF). I left the session glad I'd attended and vowed to HTML encode everything ever received from the client and would install the anti CSRF Module for ASP.Net MVC as soon as I can.
The Design for Testing was a session given by Kevin Jones. The highlight of the session for me was the outbreak of the "Singletons are evil" debate from the floor.
If you ever have the chance to sit in on a session given by Eric Nelson, take it. He's a really good presenter and ploughed through "Deploying Cloud services in MS-Azure" in 90 minutes giving an excellent overview of what it can offer.
I've got to admit, I was flagging a bit by the time Brian Randall started his session on caching. I had the misconception that the session was going to cover web resources as I've got some real issues with them at the moment. However, SQL Server data caching was discussed more than anything else. I wouldn't have gone to it had I realised that but I did learn quite a bit that I'll definitely be able to use on a day to day basis.