[Owasp-sanantonio] OWASP San Antonio April meeting announcement

Dan Cornell dan at denimgroup.com
Thu Mar 23 10:58:39 EST 2006


All:

Here is the info for the April OWASP San Antonio meeting:

San Antonio OWASP Chapter: April 2006 Meeting
Topic: AJAX Security: Here We Go Again
Presenter: Dan Cornell of Denim Group, Ltd.
Date: Wednesday April 19th, 2006 11:30am - 1:00pm
Location:
San Antonio Technology Center (Web Room)
3463 Magic Drive
San Antonio, TX 78229
http://maps.google.com/maps?f=q&hl=en&q=3463+Magic+Drive,+San+Antonio,+T
X+78229

Abstract:
AJAX (or Asynchronous JavaScript And XML) is the hot new web programming
technique being used to create rich Internet applications.  By
interacting with the server behind the scenes and updating web page
DOMs, AJAX applications bring a new level of responsiveness to the web
and opens exciting new possibilities for creating new classes of
applications.  The success of applications such as Google Maps and
Flickr is a testament to the exciting potential AJAX techniques bring to
the discipline of web application development.

Unfortunately many organizations implementing these techniques are doing
so without considering the security implications on application design
and development.  Furthermore, because these techniques are so new the
threats and countermeasures are not well understood.  This presentation
will give an explanation of AJAX techniques and will examine the
underlying constructs and their behavior.  Next it will examine how
common web application vulnerabilities translate to AJAX environments
well as new threats that are specific to AJAX applications.  The
presentation will conclude with a demonstration of "sprajax," an
alpha-release open-source tool developed by Denim Group that analyzes
web applications for potential security vulnerabilities exposed through
the use of AJAX.

Presenter Bio:
Dan Cornell is a Principal of the Denim Group, a Texas-based consultancy
providing software development and application security services.  He
has extensive experience architecting and developing enterprise web
applications on a variety of platforms as well as training and mentoring
development teams on application security and secure coding techniques.
Dan is the creator and primary author of the sprajax open source AJAX
security assessment tool.  He is an MCSD as well as a Java 2 Certified
Programmer.

Sodas and snacks will be provided.  Feel free to bring a brown-bag
lunch.

Please RSVP: E-mail owasprsvp at denimgroup.com  or call (210) 572-4400.



Dan Cornell, MCSD | Principal
------------------------------------------
3463 Magic Drive, Suite 315
San Antonio, Texas 78229
office 210.572.4400 x11
------------------------------------------
DENIM GROUP | Build Integrate Secure 




More information about the Owasp-sanantonio mailing list