YOUR FEEDBACK
AMD Wants To Depose 486 People in Intel Case
AMD News Desk wrote: Contrary to what you may have read elsewhere, AMD has...
May. 9, 2008 01:06 PM
SOA World Conference
Virtualization Conference
$200 Savings Expire May 9, 2008... – Register Today!
Did you read today's front page stories & breaking news?
SYS-CON.TV: SOA Power Panel Live From Times Square


2007 West
GOLD SPONSORS:
Active Endpoints
Your SOA Needs BPEL for Orchestration
BEA
Virtualized SOA: Adaptive Infrastructure for Demanding Applications
Nexaweb
Overcoming Bandwidth Challenges with Nexaweb
TIBCO
What is Service Virtualization?
SILVER SPONSORS:
WSO2
Using Web Services Technologies and FOSS Solutions
Click For 2007 East
Event Webcasts

2008 East
PLATINUM SPONSORS:
Appcelerator
Think Fast: Accelerate AJAX Development with Appcelerator
GOLD SPONSORS:
DreamFace Interactive
The Ultimate Framework for Creating Personalized Web 2.0 Mashups
ICEsoft
AJAX and Social Computing for the Enterprise
Kaazing
Enterprise Comet: Real–Time, Real–Time, or Real–Time Web 2.0?
Nexaweb
Now Playing: Desktop Apps in the Browser!
Sun
jMaki as an AJAX Mashup Framework
POWER PANELS:
The Business Value
of RIAs
What Lies Beyond AJAX?
KEYNOTES:
Douglas Crockford
Can We Fix the Web?
Anthony Franco
2008: The Year of the RIA
Click For 2007 Event Webcasts
SYS-CON.TV
SYS-CON.TV WEBCASTS
JACKBE The Big A(architecture in AJAX)
INSTANTIATIONS Eclipse Rich Internet Platform with Taylor and Milinkovich
YAHOO! Applying AJAX to Speed User's Journey
ENERJY WEBCAST Java Code Quality Management
APP SERVER SHOOT-OUT with Microsoft, IBM, JBoss, Sun, BEA, and Oracle
TODAY'S TOP SOA & WEBSERVICES LINKS


AJAXWorld News Desk
All-New AJAX Security Bootcamp Next Week at AJAXWorld in New York
Billy Hoffman Launches the World's First All-Day Immersive Learning Focused on Mitigating Risks in AJAX Apps

By: RIA News Desk
Feb. 18, 2008 02:00 PM
Digg This!

Being held for the first time on March 18, 2008 at the historic Roosevelt Hotel in New York City, AJAXWorld Security Bootcamp is a compelling, intensive, one-day, hands-on training program that will teach Web developers, Web designers, and other Web professionals how to build secure AJAX applications and demonstrate what the best practices are to mitigate security problems in AJAX apps.

It is led by one of the world's foremost AJAX security experts and popular teachers, Billy Hoffman.

The full program is below.

Click Here to Register Now and Save!

When:  Monday, March 18, 2008: 8:30AM-5:30PM 

Where:  The Roosevelt Hotel on 45th and Madiscon, New York City

Who:  AJAX Security Bootcamp is led by:

Billy Hoffman is a lead security researcher for SPI Dynamics (www.spidynamics.com), which was purchased by Hewlett-Packard on 01 August 2007. At SPI Dynamics, he focuses on automated discovery of Web application vulnerabilities and crawling technologies. He has been a guest speaker at Black Hat Federal, Toorcon, Shmoocon, O'Reilly's Emerging Technology Conference, The 5th Hope, and several other conferences. His work has been featured in Wired, Make magazine, Slashdot, G4TechTV, and in various other journals and Web sites. In addition, Billy is a reviewer of white papers for the Web Application Security Consortium (WASC), and is a creator of Stripe Snoop, a suite of research tools that captures, modifies, validates, generates, analyzes, and shares data from magstripes. He also spends his time contributing to OSS projects and writes articles under the handle Acidus.


Billy was a featured speaker at AJAXWorld Conference & Expo 2007 West.

Join Billy and your fellow Bootcamp delegates at the AJAXWorld Security Bootcamp on March 18. We'll see you in New York City!

Click Here to Register Now and Save!

AJAX Security Bootcamp Outline

8:30-8:45am Introductions and Participant Goals
8:45-9:30am

Live AJAX hacking demo

Step by step walk through of hacking an AJAX travel site

9:30-10:30am

Web Security

Overview of traditional web security

Resource enumeration attacks

Injection attacks

Information Disclosure

10:30-10:45am Break
10:45am-11:45am

AJAX Attack surface

Scoping the application

Input validation

Rich input validation

11:45am-12:30pm

Transparency in AJAX Applications

Manipulating variables

Control flow tampering

Control logic Denial of Service

Reverse engineering JavaScript

Trapping on-demand AJAX

12:30-1:30pm Lunch
1:30-2:30pm

Advanced AJAX Hacking

AJAX hijacking

Presentation layer hacking

Client-side storage

2:30-3:30pm

Complex AJAX Application Hacking

Web mashups

Gadgets and Widgets

Offline AJAX application

3:30-4:15pm

Audience Hacking Lab

Instructor supervised hacking of AJAX application

4:15-5:15pm

Secure AJAX Development and Testing

Secure coding practicess

Framework security features

Testing AJAX applications

Preserving trust

5:15-5:30pm Q&A

Click Here to Register Now and Save!

Published Feb. 18, 2008 — Reads 39,299
Copyright © 2008 SYS-CON Media. All Rights Reserved.
About RIA News Desk
Ever since Google popularized a smarter, more responsive and interactive Web experience by using AJAX (Asynchronous JavaScript + XML) for its Google Maps & Gmail applications, SYS-CON's RIA News Desk has been covering every aspect of Rich Internet Applications and those creating and deploying them. If you have breaking RIA news, please send it to RIA@sys-con.com to share your product and company news coverage with AJAXWorld readers.

XML JOURNAL LATEST STORIES . . .
EDI to XML: A Practical Approach
By Carlo Innocenti
While EDI transactions account for most worldwide commercial activity, XML-based alternatives are beginning to gain traction. According to Forrester Research, stateful XML, stateless XML, and even flat file exchanges are all projected to grow at a faster rate than EDI over the next few
3rd International Virtualization Conference & Expo: Themes & Topics
By Jeremy Geelan
From Application Virtualization to Xen, a round-up of the virtualization themes & topics being discussed in NYC June 23-24, 2008 by the world-class speaker faculty at the 3rd International Virtualization Conference & Expo being held by SYS-CON Events in The Roosevelt Hotel, in midtown
Red Hat Named "Platinum Sponsor" of Virtualization Conference & Expo
By James Hamilton
Red Hat is a trusted open source provider. Red Hat offers enterprise customers a long-term plan for building infrastructures on the quality and innovation of open source. Combining open source operating system platform, Red Hat Enterprise Linux, together with applications, management
JustSystems Contributes Key XBRL Rendering Technology to Financial Community
By XML News Desk
JustSystems announced that it is contributing intellectual property rights for its invention of eXtensible Business Reporting Language (XBRL) rendering technologies to XBRL International, the standards body responsible for the oversight of the XBRL specification. The invention, known a
JustSystems Launches Campaign for XBRL Success
By XML News Desk
JustSystems announced its campaign to help organizations adopt XBRL (eXtensible Business Reporting Language), the XML-based standard for communicating financial and business information. In related news, JustSystems also announced that it has contributed intellectual property rights of
SUBSCRIBE TO THE WORLD'S MOST POWERFUL NEWSLETTERS
SUBSCRIBE TO OUR RSS FEEDS & GET YOUR SYS-CON NEWS LIVE!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021
SYS-CON FEATURED WHITEPAPERS


ADS BY GOOGLE
MOST READ THIS WEEK
ISO Becomes OOXML's Steward
By Maureen O'Gara
Benefitfocus Selects DataDirect XML Converters
By XML News Desk
JustSystems Named "Cool Vendor" by Gartner
By XML News Desk
JustSystems Champions "The Document as the Application"
By XML News Desk
My Review of Iron Man
By Kevin Hoffman
EDI to XML: A Practical Approach
By Carlo Innocenti
BREAKING XML NEWS
Company Profile for Minecode
What We Do - By adopting standards-based best practices and staying adept in new techno
May. 9, 2008 02:40 PM