Welcome!

Cloud Expo Authors: Elizabeth White, Dana Gardner, Jeremy Geelan, Helen Ching, Adrian Bridgwater

Related Topics: SYS-CON MEDIA

SYS-CON MEDIA: Press Release

How To Mitigate Risks in AJAX Apps

All-New AJAX Security Bootcamp Next Week at AJAXWorld in New York
By Jeremy Geelan
Article Rating:
February 18, 2008 02:00 PM EST
Reads:
 56,970

Being held for the first time on March 18, 2008 at the historic Roosevelt Hotel in New York City, AJAXWorld Security Bootcamp is a compelling, intensive, one-day, hands-on training program that will teach Web developers, Web designers, and other Web professionals how to build secure AJAX applications and demonstrate what the best practices are to mitigate security problems in AJAX apps.

It is led by one of the world's foremost AJAX security experts and popular teachers, Billy Hoffman.

The full program is below.

Click Here to Register Now and Save!

When: Monday, March 18, 2008: 8:30AM-5:30PM 

Where: The Roosevelt Hotel on 45th and Madiscon, New York City

Who: AJAX Security Bootcamp is led by:

Billy Hoffman is a lead security researcher for SPI Dynamics (www.spidynamics.com), which was purchased by Hewlett-Packard on 01 August 2007. At SPI Dynamics, he focuses on automated discovery of Web application vulnerabilities and crawling technologies. He has been a guest speaker at Black Hat Federal, Toorcon, Shmoocon, O'Reilly's Emerging Technology Conference, The 5th Hope, and several other conferences. His work has been featured in Wired, Make magazine, Slashdot, G4TechTV, and in various other journals and Web sites. In addition, Billy is a reviewer of white papers for the Web Application Security Consortium (WASC), and is a creator of Stripe Snoop, a suite of research tools that captures, modifies, validates, generates, analyzes, and shares data from magstripes. He also spends his time contributing to OSS projects and writes articles under the handle Acidus.


Billy was a featured speaker at AJAXWorld Conference & Expo 2007 West.

Join Billy and your fellow Bootcamp delegates at the AJAXWorld Security Bootcamp on March 18. We'll see you in New York City!

Click Here to Register Now and Save!

AJAX Security Bootcamp Outline
8:30-8:45am Introductions and Participant Goals
8:45-9:30am

Live AJAX hacking demo

Step by step walk through of hacking an AJAX travel site

 
9:30-10:30am

Web Security

Overview of traditional web security

Resource enumeration attacks

Injection attacks

Information Disclosure

 
10:30-10:45am Break
10:45am-11:45am

AJAX Attack surface

Scoping the application

Input validation

Rich input validation

 
11:45am-12:30pm

Transparency in AJAX Applications

Manipulating variables

Control flow tampering

Control logic Denial of Service

Reverse engineering JavaScript

Trapping on-demand AJAX

 
12:30-1:30pm Lunch
1:30-2:30pm

Advanced AJAX Hacking

AJAX hijacking

Presentation layer hacking

Client-side storage

 
2:30-3:30pm

Complex AJAX Application Hacking

Web mashups

Gadgets and Widgets

Offline AJAX application

 
3:30-4:15pm

Audience Hacking Lab

Instructor supervised hacking of AJAX application

 
4:15-5:15pm

Secure AJAX Development and Testing

Secure coding practicess

Framework security features

Testing AJAX applications

Preserving trust

 
5:15-5:30pm Q&A

Click Here to Register Now and Save!

Published February 18, 2008 – Reads 56,970
Copyright © 2008 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.

More Stories By Jeremy Geelan

Jeremy Geelan is President & COO of Cloud Expo, Inc. and Conference Chair of the worldwide Cloud Expo series. He appears regularly at conferences and trade shows, speaking to technology audiences both in North America and overseas. He is executive producer and presenter of Cloud Expo's "Power Panels" on SYS-CON.TV.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

Cloud Expo Breaking News
By Jeremy Geelan
With Cloud Expo 2012 New York (10th Cloud Expo) now under four months away, what better time to start introducing you in greater detail to the distinguished individuals in our incredible Speaker Faculty for the technical and strategy sessions at the conference... We have technical and strategy sessions for you every day from June 11 through June 14 dealing with every nook and cranny of Cloud Computing and Big Data, but what of those who are presenting? Who are they, where do they work, what e...
Feb. 16, 2012 07:30 AM EST  Reads: 792
By Pat Romanski
2011 was a year of rapid adoption for public and private cloud services. Instant and on-demand server provisioning was the driving force behind the massive growth. On top, cloud server templates and script automation simplified application installation for simple and pre-defined application stacks, but have not targeted more complex enterprise application environments. In his session at the 10th International Cloud Expo, John Yung, CEO of Appcara, will discuss how 2012 will be the year for app...
Feb. 16, 2012 06:30 AM EST  Reads: 1,984
By Jeremy Geelan
"Having been in the IT field for many years, I believe the cloud computing chapter in the industry is an exciting one and I am proud to be a part of it," said National Reconaissance Office (NRO) Chief Information Officer Jill T. Singer Tuesday, as it was announced that she was one of 10 winners of the 2012 CloudNOW "Top Ten Women in Cloud" Awards.
Feb. 16, 2012 06:30 AM EST  Reads: 485
By Liz McMillan
As more enterprises are adopting clouds, the nature of cloud computing is changing. Previously, clouds were used to test applications or for non-mission critical applications. Today, enterprises are using clouds for cost-saving advantages and launching more mission critical applications that have defined performance needs. In his session at the 10th International Cloud Expo, Eric Shepcaro, CEO and Chairman of the Board of Telx, will discuss how distributed computing has many advantages. It wou...
Feb. 16, 2012 05:45 AM EST  Reads: 1,789
By Jeremy Geelan
With Cloud Expo 2012 New York (10th Cloud Expo) just four months away, what better time to start introducing you in greater detail to the distinguished individuals in our incredible Speaker Faculty for the technical and strategy sessions at the conference... We have technical and strategy sessions for you every day from June 11 through June 14 dealing with every nook and cranny of Cloud Computing and Big Data, but what of those who are presenting? Who are they, where do they work, what else h...
Feb. 16, 2012 05:30 AM EST  Reads: 822
By Liz McMillan
Building a cloud computing environment with on-demand access to compute, network, and storage resources requires an elastic infrastructure at multiple levels. Virtualization combined with x86 servers has transformed the way we scale out compute resources. Unfortunately, legacy Fibre Channel and iSCSI storage architectures are rooted in rigid mainframe-era designs, and are fundamentally mismatched with the dynamic, shared modern data center. In his session at the 10th International Cloud Expo, ...
Feb. 16, 2012 05:30 AM EST  Reads: 2,365
By Jeremy Geelan
With Cloud Expo 2012 New York (10th Cloud Expo) now under four months away, what better time to start introducing you in greater detail to the distinguished individuals in our incredible Speaker Faculty for the technical and strategy sessions at the conference... We have technical and strategy sessions for you every day from June 11 through June 14 dealing with every nook and cranny of Cloud Computing and Big Data, but what of those who are presenting? Who are they, where do they work, what e...
Feb. 15, 2012 03:15 PM EST  Reads: 492
By Jeremy Geelan
With Big Data Expo 2012 New York (co-located with 10th Cloud Expo) now under four months away, what better time to start introducing you in greater detail to the distinguished individuals in our incredible Speaker Faculty for the technical and strategy sessions at the conference... We have technical and strategy sessions for you every day from June 11 through June 14 dealing with every nook and cranny of Cloud Computing and Big Data, but what of those who are presenting? Who are they, where ...
Feb. 15, 2012 11:45 AM EST  Reads: 372
By Jeremy Geelan
With Big Data Expo 2012 New York (co-located with 10th Cloud Expo) just four months away, what better time to start introducing you in greater detail to the distinguished individuals in our incredible Speaker Faculty for the technical and strategy sessions at the conference...
Feb. 15, 2012 11:30 AM EST  Reads: 918
By Elizabeth White
Can you bring services from the cloud to your customers faster and have them adopt it with ease of use or bring the power of bundled services to the fingertips of your clients without creating new rigid ‘apps stove pipes'? Do you want to prevent your business running away to public and unmanageably immature cloud services? In his session at the 10th International Cloud Expo, Hans van de Koppel, Sr. Enterprise Architect at Capgemini, will take Cloud Expo delegates to the developing world of clou...
Feb. 15, 2012 10:45 AM EST  Reads: 635
MORE »