H8 Defending Against the Worst Web-Based Application Vulnerabilities in 2009 DEMO
Date: Wednesday, 11 March 2009
Time: 9:45am - 1pm
Track: Application Security
• Next generation attacks: SQL over JSON, XSS with RSS feeds, XPATH over SOAP
• Understanding the wide-spread XSS and CSRF attacks – why they help to build the worst kind of next generation Web-based worms and viruses spread through cross domain iframes
• Why scanning and detecting these application layer vulnerabilities are important for corporate enterprises
• How to defend against these attacks by providing content filtering over HTTP both for incoming and outgoing
• Source code scanning for Web 2.0 applications to protect applications against developer's mistakes
• Key tools and methodologies for both attacks and defense
Go To InfoSecWorld
This blog is created to keep track of my activities and place holder for sharing. Enjoy!
Monday, January 26, 2009
Tuesday, January 20, 2009
HITB in Dubai
At HITB Dubai we are going to have web security training and presentation on our new research methodology for Application Source Code Scanning for Web 2.0 Applications.
Here is a link to the training - GO
Subscribe to:
Posts (Atom)