Digital Edition

SYS-CON.TV
Web 2.0 Security Session at AJAXWorld 2007 East in New York City
Dan Cornell has been developing and securing web-based software systems for over ten years

The author of Sprajax, an open source tool for assessing the security of AJAX-enabled web applications, will be giving a session in the "Web 2.0" track at AJAXWorld Conference & Expo 2007 East being held 19-21 March, 2007, in New York's Roosevelt Hotel.

Dan Cornell, who regularly speaks for local and regional chapters of several organizations including Java Users Groups, the IEEE Computer Society, Dot Net Users Groups and the Information Systems Audit and Control Association (ISACA), will be giving a session on "Web 2.0 Security" in which he'll explain how, while Web 2.0 technologies and development techniques have opened exciting possibilities for creating new classes of web-based applications, this enhanced web functionality unfortunately introduces a new set of security risks.

"Because the techniques are so new, the risks and countermeasures are not well understood," says Cornell.

His session will explain Web 2.0 technologies and risks to these applications, examine how common web application vulnerabilities translate to Web 2.0 environments, and provide examples of attacks as well as techniques that can be used to mitigate risks.

Cornell's Sprajax -- which he donated to to OWASP -- is an open source black box security scanner used to assess the security of AJAX-enabled applications.

"By detecting the specific AJAX frameworks in use," says Cornell, "Sprajax is able to better formulate test requests and identify potential vulnerabilities."

AJAXWorld 2007 East Conference & Expo Receives
The Largest Number of Sponsor Support for Any Web 2.0 Event in 2007!

SYS-CON Events announced the "charter sponsors" of AJAXWorld Conference & Expo 2007 East which includes; Laszlo Systems (Diamond Sponsor), JackBe (Platinum Sponsor), Adobe (Platinum Sponsor), Cynergy (Platinum Sponsor), Backbase (Gold Sponsor) Google (Gold Sponsor), Nexaweb (Gold Sponsor), ICEsoft (Gold Sponsor), Oracle (Gold Sponsor), Helmi Technologies (Gold Sponsor), JetBrains (Gold Sponsor), TIBCO (Gold Sponsor), Sun Microsystems (Silver Sponsor), Parasoft (Silver Sponsor), Servoy (Silver Sponsor), Etelos (Silver Sponsor),  Microsoft (Expo Plus Sponsor),  Lightstreamer (Exhibitor Plus Sponsor),  IT Mill (Exhibitor Plus Sponsor), FrogLogic (Exhibitor Plus Sponsor), ThinWire (Expo Sponsor), Quasar Tecnologies (Expo Sponsor), Zapatec (Exhibitor Plus Sponsor), MB Technologies Bindows (Exhibitor), OpenSpot (Exhibitor), ILOG (Exhibitor), Passport Corporation (Exhibitor), Manning Publications (AJAX Book Sponsor), Apress (AJAX Book Sponsor), Conference Guru (Media Sponsor), Flash Goddess (Media Sponsor), AJAXWorld Magazine (Media Sponsor), Web 2.0 Journal (Media Sponsor), SYS-CON.TV (Media Sponsor), IT Mill (Media Sponsor), Methods & Tools (Media Sponsor), Web 2.0 Journal (Media Sponsor), and OASIS (Association Sponsor).

About RIA News Desk
Ever since Google popularized a smarter, more responsive and interactive Web experience by using AJAX (Asynchronous JavaScript + XML) for its Google Maps & Gmail applications, SYS-CON's RIA News Desk has been covering every aspect of Rich Internet Applications and those creating and deploying them. If you have breaking RIA news, please send it to RIA@sys-con.com to share your product and company news coverage with AJAXWorld readers.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

Hello, very nice site! Please also visit my homepages:
corolla toyota730 toyota corollailf
Thanks!

The author of Sprajax, an open source tool for assessing the security of AJAX-enabled web applications, will be giving a session in the 'Web 2.0' track at AJAXWorld Conference & Expo being held 19-21 March, 2007, in New York's Roosevelt Hotel.

So is Sprajax the first web security scanner developed specifically to scan AJAX?

So is Sprajax the first web security scanner developed specifically to scan AJAX?




ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

The question before companies today is not whether to become intelligent, it’s a question of how and...
While some developers care passionately about how data centers and clouds are architected, for most,...
ChatOps is an emerging topic that has led to the wide availability of integrations between group cha...
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting ch...
As Marc Andreessen says software is eating the world. Everything is rapidly moving toward being soft...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know ...
Is advanced scheduling in Kubernetes achievable?Yes, however, how do you properly accommodate every ...
The cloud era has reached the stage where it is no longer a question of whether a company should mig...
The need for greater agility and scalability necessitated the digital transformation in the form of ...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an over...
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection...
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and ...
"Since we launched LinuxONE we learned a lot from our customers. More than anything what they respon...
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily ...
"As we've gone out into the public cloud we've seen that over time we may have lost a few things - w...
In his session at 21st Cloud Expo, Michael Burley, a Senior Business Development Executive in IT Ser...
Sanjeev Sharma Joins June 5-7, 2018 @DevOpsSummit at @Cloud Expo New York Faculty. Sanjeev Sharma is...
We are given a desktop platform with Java 8 or Java 9 installed and seek to find a way to deploy hig...
"I focus on what we are calling CAST Highlight, which is our SaaS application portfolio analysis too...
"Cloud4U builds software services that help people build DevOps platforms for cloud-based software a...