View a complete list of OSCON 2008 Contacts
Web 2.0 has been described as many things. It’s the Web as a platform, a network of networks, the architecture of participation. However you choose to define it, the way we build applications online has changed. Web sites do more by empowering users, but this has opened a Pandora’s box. Cross-site scripting (XSS), cross-site request forgeries (CSRF), and Ajax are being combined in creative new ways to launch sophisticated attacks that penetrate firewalls, target users, and spread like worms.
This talk examines this new threat, dubbed Security 2.0, by demonstrating some hypothetical and real exploits and by discussing safeguards and methods of prevention.
Chris Shiflett is the Chief Technical Officer of OmniTI, where he leads the web application security practice. Chris is a thought leader in the PHP and web application security communities as well as a prolific writer. He is the author of the critically acclaimed Essential PHP Security (O’Reilly) and HTTP Developer’s Handbook (Sams). His writing has also appeared in numerous articles for php|architect and PHP Magazine, as well as a number of other popular books including Programming PHP (O’Reilly), PHP Cookbook (O’Reilly), and PHP in Action (Manning).