Channel 8:
Jean-Philippe Courtois talks about technology and how students are changing the world
Channel 8:
Your Favorite EdVangelist in Paris!
Channel 8:
Imagine Cup 2008 Mug Shots
Channel 10:
Come join the fun at Imagine Cup 2008
Channel 8:
Joe Wilson Imagine Cup 2008 Video Blog: Day 00
Channel 10:
Media Center University Part 3
Channel 9:
Pex - Automated Exploratory Testing for .NET
WindowsClient:
MbUnit v3 in Visual Studio Team System 2008
Channel 10:
Control PowerPoint With Your Phone
Channel 10:
Obama Deep Zoom
ASP.NET:
How I got started in programming.
WindowsClient:
WPF Composite Application Guidance is Live
Channel 8:
Joe Wilson Imagine Cup 2008 Video Blog: Day -01
WindowsClient:
MbUnit v3 beta 3 updates
WindowsClient:
This Week's WPF Video: Extend Control Functionality Using XAML Attached Properties
ASP.NET:
Visual Studio 2008 Web Server Here shell extension
Silverlight:
Zen Presentation
Channel 10:
Ask Maps Are Now Virtual Earth
Channel 10:
Dashwire 2.0 Launches: Backup Your Phone and Sync Content To Social Web
ASP.NET:
The Weekly Source Code 30 - VB.NET with XML Literals as a View Engine for ASP.NET MVC
Microsoft Communities
ASP.NET
Channel 8
Channel 9
Channel 10
IIS.NET
Silverlight
TechNet Edge
WindowsClient
Mix Online
Sign In
|
Register
0 Online
Home
About
Phizzpop
University
MIX09
Worldwide
Mix08 Sessions
Related Entries
Content is King
Blogs:
News
Posted By:
Beth Goza
Jan 3rd, 2007 @ 12:00 AM
Comments:
1
Party, Party, Party
Blogs:
News
Posted By:
Beth Goza
Jan 3rd, 2007 @ 12:00 AM
Comments:
0
Voices Represented: MIXnMASH
Blogs:
News
Posted By:
Beth Goza
Jan 3rd, 2007 @ 12:00 AM
Comments:
0
Spidynamics and AJAX Security
Posted By:
Joshua Allen
|
Jun 5th, 2007 @ 8:56 PM
Back when the first web browsers were becoming publicly available, I used to find network security vulnerabilities for organizations connected to the Internet. When someone released a tool that could automatically find vulnerabilities in your network,
the whole industry was in uproar
for awhile. Now people realize that the hackers already make their own tools, and you might as well put tools like this in the hands of the good guys.
While we did sometimes find holes in
HTML's predecessors
, the web has opened up a whole new world of possibilities for attackers. Especially with the rise of AJAX, many developers write code without being completely aware of the potential for injection, cross-site scripting, and other exploits. One of my favorite sessions from Web 2.0 Expo this year was the talk on
"Vulnerabilities 2.0" by Alex Stamos
, where he showed off effortless exploits. People shouldn't take AJAX security lightly.
At MIX07, we had a number of
industry experts talk about AJAX exploits and security
. One of the panelists was Dennis Hurst of
SPIDynamics
. SPIDynamics makes software that can scan your site for AJAX vulnerabilities, regardless of which toolkit you use. We interviewed him to find out more about the tool, and about AJAX security in general.
Tags:
MIX07
Comments (0)
|
Downloads
|
Share
Facebook
Del.icio.us
Digg
iPod (MP4)
MP3
PSP (MP4)
WMA
WMV
WMV (High)
Zune
Page Navigation
page {0} of {1}
next
last
Tags:
Editor.TagHelpText
FileUploader.Label
FileUploader.NoFile
FileUploader.Add
FileUploader.RemoveFile
FileUploader.CancelFile
FileUploader.HelpText
Cancel
Edit
Add
Saving...