Timo Hirvonen wrote: I would really appreciate an invitation. Been desperately trying to find one :)
timo [dot] hirvonen [at] gmail [dot]com
Nov. 27, 2009 11:13 AM EST
| By Jeremy Geelan | Article Rating: |
|
| February 18, 2008 02:00 PM EST | Reads: |
51,666 |
Being held for the first time on March 18, 2008 at the historic Roosevelt Hotel in New York City, AJAXWorld Security Bootcamp is a compelling, intensive, one-day, hands-on training program that will teach Web developers, Web designers, and other Web professionals how to build secure AJAX applications and demonstrate what the best practices are to mitigate security problems in AJAX apps.
It is led by one of the world's foremost AJAX security experts and popular teachers, Billy Hoffman.
The full program is below.
Click Here to Register Now and Save!
When: Monday, March 18, 2008: 8:30AM-5:30PM
Where: The Roosevelt Hotel on 45th and Madiscon, New York City
Who: AJAX Security Bootcamp is led by: 
Billy Hoffman is a lead security researcher for SPI Dynamics (www.spidynamics.com), which was purchased by Hewlett-Packard on 01 August 2007. At SPI Dynamics, he focuses on automated discovery of Web application vulnerabilities and crawling technologies. He has been a guest speaker at Black Hat Federal, Toorcon, Shmoocon, O'Reilly's Emerging Technology Conference, The 5th Hope, and several other conferences. His work has been featured in Wired, Make magazine, Slashdot, G4TechTV, and in various other journals and Web sites. In addition, Billy is a reviewer of white papers for the Web Application Security Consortium (WASC), and is a creator of Stripe Snoop, a suite of research tools that captures, modifies, validates, generates, analyzes, and shares data from magstripes. He also spends his time contributing to OSS projects and writes articles under the handle Acidus.
Billy was a featured speaker at AJAXWorld Conference & Expo 2007 West.
Join Billy and your fellow Bootcamp delegates at the AJAXWorld Security Bootcamp on March 18. We'll see you in New York City!
CIO, CTO & Developer Resources
Click Here to Register Now and Save!
|
AJAX Security Bootcamp Outline |
|
| 8:30-8:45am | Introductions and Participant Goals |
| 8:45-9:30am |
Live AJAX hacking demo Step by step walk through of hacking an AJAX travel site
|
| 9:30-10:30am |
Web Security Overview of traditional web security Resource enumeration attacks Injection attacks Information Disclosure
|
| 10:30-10:45am | Break |
| 10:45am-11:45am |
AJAX Attack surface Scoping the application Input validation Rich input validation
|
| 11:45am-12:30pm |
Transparency in AJAX Applications Manipulating variables Control flow tampering Control logic Denial of Service Reverse engineering JavaScript Trapping on-demand AJAX
|
| 12:30-1:30pm | Lunch |
| 1:30-2:30pm |
Advanced AJAX Hacking AJAX hijacking Presentation layer hacking Client-side storage
|
| 2:30-3:30pm |
Complex AJAX Application Hacking Web mashups Gadgets and Widgets Offline AJAX application
|
| 3:30-4:15pm |
Audience Hacking Lab Instructor supervised hacking of AJAX application
|
| 4:15-5:15pm |
Secure AJAX Development and Testing Secure coding practicess Framework security features Testing AJAX applications Preserving trust
|
| 5:15-5:30pm | Q&A |
- Publishing Synergy: Blog, Twitter and Ulitzer
- Will PR Firms Survive The New Media Avalanche?
- Typhoon Ondoy (Ketsana) Hits the Philippines (Part 2)
- Confessions of a Ulitzer Addict
- Cloud Computing Expo 2010 East to Attract More Than 5,000 Delegates in New York City
- Cloud Computing Journal Continues To Publish World's Best Cloud Analysts
- CIA Falls for Cloud Computing in a Big Way
- Are You Comfortable With Where Your Data Sleeps at Night?
- Dr. Leslie Lenert of CDC Speaks on Healthcare IT
- Game-Changing Innovations and the Evolving SOA Appliance
- What Happened To SOA?
- Instant Professionalism Online Despite Yourself...with Ulitzer
- Cloud CEOs, CTOs & SVPs to Speak at 4th International Cloud Computing Expo
- Publishing Synergy: Blog, Twitter and Ulitzer
- Will PR Firms Survive The New Media Avalanche?
- Typhoon Ondoy (Ketsana) Hits the Philippines (Part 2)
- Confessions of a Ulitzer Addict
- My Thoughts on Ulitzer
- Combining the Cloud with the Computing: Application Delivery Networks
- Cloud Computing Expo 2010 East to Attract More Than 5,000 Delegates in New York City
- Ulitzer vs. Ning
- Cloud Computing Journal Continues To Publish World's Best Cloud Analysts
- CIA Falls for Cloud Computing in a Big Way
- Are You Comfortable With Where Your Data Sleeps at Night?
- Where Are RIA Technologies Headed in 2008?
- AJAX World RIA Conference & Expo Kicks Off in New York City
- JSON vs XML - A Jason vs Freddie Sequel
- Processing XML with C# and .NET
- Has the Technology Bounceback Begun?
- BPEL Processes and Human Workflow
- The Top 250 Players in the Cloud Computing Ecosystem
- Open Source Database Special Feature: An Introduction to Berkeley DB XML
- "HP's Problem Ain't the SAP Install," Says Sun's Schwartz
- eXist - An Introduction To Open Source Native XML Database
- Digitizing the Planet: Google Earth vs MSN Virtual Earth vs MapQuest
- Generating XML from Relational Database Tables
Subscribe to XML Journal Email News Alerts
Subscribe via RSS
