YOUR FEEDBACK
Ross Cooney wrote: Buying servers is capital intensive...and impossible for startups. Buying capaci...
Nov. 21, 2008 02:27 PM
Did you read today's front page stories & breaking news?

SYS-CON.TV: RIA Shoot-Out! AJAX, Flex, Silverlight, and JavaFX

2008 East
DIAMOND SPONSOR:
Data Direct
Frontiers in Data Access: The Coming Wave in Data Services
PLATINUM SPONSORS:
Red Hat
The Opening of Virtualization
Intel
Virtualization – Path to Predictive Enterprise
Green Hills
IT Security in a Hostile World
JBoss / freedom oss
Practical SOA Approach
GOLD SPONSORS:
Software AG
The Art & Science of SOA: How Governance Enables Adoption
PlateSpin
Effective Planning for Virtual Infrastructure Growth
Fujitsu
Automated Business Process Discovery & Virtualization Service
Ceedo
Workspace Virtualization
Click For 2007 West
Event Webcasts

2008 East
PLATINUM SPONSORS:
Appcelerator
Think Fast: Accelerate AJAX Development with Appcelerator
GOLD SPONSORS:
DreamFace Interactive
The Ultimate Framework for Creating Personalized Web 2.0 Mashups
ICEsoft
AJAX and Social Computing for the Enterprise
Kaazing
Enterprise Comet: Real–Time, Real–Time, or Real–Time Web 2.0?
Nexaweb
Now Playing: Desktop Apps in the Browser!
Sun
jMaki as an AJAX Mashup Framework
POWER PANELS:
The Business Value
of RIAs
What Lies Beyond AJAX?
KEYNOTES:
Douglas Crockford
Can We Fix the Web?
Anthony Franco
2008: The Year of the RIA
Click For 2007 Event Webcasts
SYS-CON.TV
SYS-CON.TV WEBCASTS
JACKBE The Big A(architecture in AJAX)
INSTANTIATIONS Eclipse Rich Internet Platform with Taylor and Milinkovich
YAHOO! Applying AJAX to Speed User's Journey
ENERJY WEBCAST Java Code Quality Management
APP SERVER SHOOT-OUT with Microsoft, IBM, JBoss, Sun, BEA, and Oracle
TODAY'S TOP SOA & WEBSERVICES LINKS


News
Understanding the Top Web 2.0 Attack Vectors at AJAX World
Danny Allan's RIA Session at AJAXWorld, March 18-20, in New York City

By: Web 2.0 News Desk
Feb. 25, 2008 05:15 PM

As more traditional sites adopt Web 2.0 technologies including AJAX, Web Services, SOA and PHP to perform online transactions one thing is certain--- these new technologies bring security issues and ignoring them could lead to serious breaches.

Watchfire will demonstrate and discuss the most common Web 2.0 attack vectors, analyze the specific security issues of AJAX, especially cross-site request forgery (CSRF) and cross-site scripting (CSS), and explain techniques for exploiting and protecting web services including secure coding practices and how to properly secure web applications.

Speaker Bio: Danny Allan is director of security research with Waltham-based Watchfire, a provider of software and services to help ensure the security and compliance of Websites. In 2000, he joined Watchfire bringing with him several years of business and technology-related experience including penetration testing and internal system remediation for one of Canada's biggest universities. In his role as security analyst, he is closely involved with enterprise global customer deployments, researching and evaluating technologies, and helping define and recommend strategic directions for Watchfire's security solutions. In his more than six years with Watchfire, Allan has held several critical customer-facing positions, including team lead, consulting services and sales engineer. He holds a Bachelor of Commerce with a major in information systems from Carleton University.

Register for AJAXWorld Conference & Expo
Submit Your Paper to Present a Session
Sponsor AJAXWorld Conference & Expo

2008  Will Be The Decision Year for RIAs
AJAXWorld Conference & Expo 2008 will provide delegates with the optimum balance between RIAs, Rich Web Technologies and AJAX, while underlining business needs, technology potential, and enhanced user experience.

This year at AJAXWorld the relentless focus is not only on where RIAs are now but also where Rich Web Technologies are headed, where Enterprise Web 2.0 and Social Applications are taking the software development industry and the end user, and how Rich Web Technologies are transforming our businesses and our lives.

Delegates will learn how RIAs are making money and gaining market-share for some of the leading businesses in the world.

The real-world questions that will be answered by this year's 140+ sessions are those that currently preoccupy working developers, architects, IT managers and business line managers. The 2008 tracks include:

  • Enterprise RIAs and AJAX
  • Rich-Web Case Studies and Mash-Ups
  • Enterprise Web 2.0 & Social Applications
  • Event-Driven Web
  • iPhone Developer Summit
  • Diamond Track

AJAXWorld is sponsored by the world’s leading RIA technology providers including.

Conference faculty includes the world’s top RIA experts.

Published Feb. 25, 2008— Reads 11,724
Copyright © 2008 SYS-CON Media. All Rights Reserved.
About Web 2.0 News Desk
The Web 2.0 Journal News Desk keeps you up to speed with all that's happening in the world of the read/write Web and all its mushrooming new facets - from tagging, wikis, mash-ups, and image-sharing to "Advertising 2.0," podcasting, and The Writeable Web.

WEB 2.0 LATEST NEWS
By Ric Smith
Since Web 2.0 kicked off scarcely a day goes by without a headline targeting mashups and their enablers, AJAX and Web Services, as the next hot Web technologies. Mashups are Web sites that integrate a variety of services (e.g., news feeds, weather reports, maps, and traffic conditions)...
By Jeremy Geelan
In this Exclusive Q&A with Jeremy Geelan of SYS-CON's Cloud Computing Journal, Rajeev Kutty of Keynote Systems speaks of the factors currently driving companies to increase their effort in monitoring the performance of their Web and mobile applications, and about how Keynote foresees a...
By Web 2.0 News Desk
Industry blogger Alex Bunardzic writes in his 'Ethical Software by Alex Bunardzic' blog: 'Now that Microsoft has jumped onto the web 2.0 bandwagon, it is more than obvious that Web 2.0 is dead as a doornail. Everyone knows by now that anything Microsoft touches turns into this big slim...
By Jeremy Geelan
'While the last decade was focused on the Web, the next phase in the evolution of our industry will be on the convergence of Web, mobile and desktop applications and the ability to extend existing applications with these new technologies for a consistent user experience regardless of h...
By Jeremy Geelan
Join Scott Guthrie as he discusses Microsoft’s commitment to web standards development, Rich Internet Applications and how Microsoft is contributing to help move the web forward. Join Adobe’s Kevin Lynch as he demonstrates how Flash and HTML come together to make the most engaging,...
SUBSCRIBE TO THE WORLD'S MOST POWERFUL NEWSLETTERS
SUBSCRIBE TO OUR RSS FEEDS & GET YOUR SYS-CON NEWS LIVE!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021

SYS-CON FEATURED WHITEPAPERS

MOST READ THIS WEEK
By Virtualization News Desk
By James Hamilton
By Brandon Wybenga
By Cloud Computing News Desk
By Annrai O'Toole
By James Hamilton
By David Crossland
By SOA World Magazine News Desk
By Thorsten von Eicken
By Christofer Hoff
By David Linthicum
By Jeremy Geelan
ADS BY GOOGLE