Monday, January 26, 2009

Infosecworld 08 - Presenting Research...

H8 Defending Against the Worst Web-Based Application Vulnerabilities in 2009 DEMO
Date: Wednesday, 11 March 2009
Time: 9:45am - 1pm
Track: Application Security

• Next generation attacks: SQL over JSON, XSS with RSS feeds, XPATH over SOAP
• Understanding the wide-spread XSS and CSRF attacks – why they help to build the worst kind of next generation Web-based worms and viruses spread through cross domain iframes
• Why scanning and detecting these application layer vulnerabilities are important for corporate enterprises
• How to defend against these attacks by providing content filtering over HTTP both for incoming and outgoing
• Source code scanning for Web 2.0 applications to protect applications against developer's mistakes
• Key tools and methodologies for both attacks and defense

Go To InfoSecWorld

Tuesday, January 20, 2009

HITB in Dubai

At HITB Dubai we are going to have web security training and presentation on our new research methodology for Application Source Code Scanning for Web 2.0 Applications.

Here is a link to the training - GO