Issues in Ajax Application Security

Site Sponsor:

Now Available:

Featured Resource:

Realtime Communities

Email Address:

Monthly Archives

Complete Archive

RSS

Ask the Expert

Have a question for our resident expert? Email your questions to Dan or post a comment to the blog.

« 'Good' Spyware for Tracking Employees | Main | 4 Rootkit Countermeasures You Should Know »

Ajax allows developers to easily develop complex, interactive Web applications. It also brings with it all the vulnerabilities of it's constituent technologies and protocols. To take advantage of the benefits of Ajax without introducing vulnerabilities due to the complexity of our applications we need to follow certain development best practices. This podcast first examines some of the security issues with Ajax from a technical perspective and then discusses four key elements of software development and life cycle management procedures to reduce risks of introducing vulnerabilities into our applications.

MP3: Dan Sullivan - Issues in Ajax Application Security

Click here to add this podcast to your iTunes

Tags: Ajax application development application security application server security CSRF database security vulnerability scanning Web server security XSRF XSS

Posted by Dan Sullivan on October 28, 2007 5:29 PM | Permalink

TrackBack

TrackBack URL for this entry:
http://www.realtime-websecurity.com/type/mt-tb.cgi/496

Search

Most Active Posts

Changes to Election Results Demonstrate e-Voting Vulnerabilities comments (1)
Microsoft Patents Privacy Policy Notification Mechanism comments (2)
Skype Worm Hits Windows comments (2)

Library Resources

Latest White Papers

Blog Roll

Dan Sullivan's Bio:

Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net