Presentations -> Perfect Storm - Stopping New Attacks in a Web 2.0 World

QCon San Francisco 2007 Speakers Schedule Tutorials Tracks Keynotes Social Events Exhibition Sponsors Registration Volunteers Venue Travel Hotels About QCon All QCon events Contact qcon@infoq.com or +45 87 32 87 87 (650)543-8177	Presentation: "Perfect Storm - Stopping New Attacks in a Web 2.0 World" Track: Practical Application Security Time: Wednesday 16:00 - 17:00 Location: Stanford Abstract: In this session, Jeff will discuss web application threats arising out of rich client and "Web 2.0" technology such as Javascript, Ajax, and Flash that have recently become extremely dangerous. He'll focus on "Cross-Site Request Forgery" (CSRF) and "Advanced XSS" vulnerabilities that can be found in the vast majority of current web applications. The talk will cover maintaining security as the trust boundary shifts between client and server in enterprise application architectures. Download slides		Jeff Williams, Aspect Security Jeff Williams is the founder and CEO of Aspect Security, the leading provider of application security services (http://www.aspectsecurity.com). Jeff also serves as the volunteer Chair of the Open Web Application Security Project (OWASP), a free and open source organization dedicated to finding and fighting the causes of insecure software (http://www.owasp.org). Jeff has been writing code for 25 years, speaks frequently on application security, and has published numerous papers on practical risk and assurance techniques. Jeff holds advanced degrees in psychology, computer science, and human factors, and graduated cum laude from Georgetown University Law Center.

Presentation: "Perfect Storm - Stopping New Attacks in a Web 2.0 World"

Jeff Williams, Aspect Security