February 25, 2009
Fundamentals of Web Application Security
These days, consumers demand extensive functionality available through the web. Call it user generated content, or Web 2.0, or rich internet applications... Whatever we call it, the prevailing web is creating a plethora of new security risks for IT professionals. The last decade's security practices of SSL, IPS, IDS, firewalls, and OS hardening make little difference in defending against popular attacks such as cross-site scripting, code injection, header injection, session fixation, SQL injection, and insufficient service authorization.
This seminar will help you learn some of the fundamentals of web application security and what you can do to steer clear of the most common mistakes. Notable system compromises will be reviewed, and examples will be drawn from AJAX and PHP.
Wade Arnold is the CEO of T8Design, a rich media and application firm located in Cedar Falls, Iowa. T8Design works with hundreds of community banks and other medium- to enterprise-level customers, including Nike, McDonalds, John Deere, AT&T, the Department of Defense, CKE Restaurants, and Lindsay Corporation. At T8Design, Wade is responsible for strategic planning, product development, and creating an exciting and rewarding corporate environment. Wade is an alumnus of the Computer Science program at UNI and earned an MBA from the University of Iowa.
Wade has been selected to speak at several national software development and security conferences. He is passionately involved in open source Flash, Flex, and PHP development, and aligns T8Design behind these initiatives. Arnold has an active dialog with Adobe and Zend and actively participates in prerelease beta development. He is the lead developer of Zend Amf, an open-source implementation of the Action Message Format. In 2008, Arnold co-authored The Essential Guide to Open Source Flash Development, and in 2009, he co-authored the Zend Contributor's Guide to PHP.
You can follow Wade on Twitter.