Advanced Web Application Security

The security landscape has changed dramatically in the past 12 months. Unless you are aware of CSRF, Javascript Highjacking, and the many ways to fool an XSS filter, it's likely that your web application will not be secure. Attackers used to concentrate on ActiveX, but now Javascript, CSS and even simple HTML elements have are used against websites.

This session will outline the challenges facing the inhabitants of this strange world called 'web 2.0' and the options for protection, both from the point of view of site owners, and web users.

About Joe Walker

Joe Walker is a developer and consultant working on advanced web development techniques like AJAX.

He recently developed Direct Web Remoting, (DWR) which has become the most popular Ajax toolkit for Java by making browser/server interaction intuitive for web developers. See http://www.directwebremoting.com

He currently works through his consultancy, Getahead (http://getahead.org/), which is supplying a growing number of customers with AJAX and advanced web solutions.

More About Joe »