Sponsors
  • Intel
  • Microsoft
  • Google
  • Sun Microsystems
  • BT
  • IBM
  • Yahoo! Inc.
  • Zimbra
  • Atlassian Software Systems
  • Disney
  • EnterpriseDB
  • Etelos
  • Ingres
  • JasperSoft
  • Kablink
  • Linagora
  • MindTouch
  • Mozilla Corporation
  • Novell, Inc.
  • Open Invention Network
  • OpSource
  • RightScale
  • Silicon Mechanics
  • Tenth Planet
  • Ticketmaster
  • Voiceroute
  • White Oak Technologies, Inc.
  • XAware
  • ZDNet

Sponsorship Opportunities

For information on exhibition and sponsorship opportunities at the conference, contact Sharon Cordesse at scordesse@oreilly.com.

Media Partner Opportunities

Download the Media & Promotional Partner Brochure (PDF) for more information on trade opportunities with O'Reilly conferences, or contact mediapartners@oreilly.com.

Press and Media

For media-related inquiries, contact Maureen Jennings at maureen@oreilly.com.

OSCON Newsletter

To stay abreast of conference news and to receive email notification when registration opens, please sign up for the OSCON newsletter (login required).

Contact Us

View a complete list of OSCON 2008 Contacts

Security 2.0: Emerging Trends in Web Application Security

Web Applications
Location: Portland 252 Level: Intermediate
Average rating: ****.
(4.50, 8 ratings)

Web 2.0 has been described as many things. It’s the Web as a platform, a network of networks, the architecture of participation. However you choose to define it, the way we build applications online has changed. Web sites do more by empowering users, but this has opened a Pandora’s box. Cross-site scripting (XSS), cross-site request forgeries (CSRF), and Ajax are being combined in creative new ways to launch sophisticated attacks that penetrate firewalls, target users, and spread like worms.

This talk examines this new threat, dubbed Security 2.0, by demonstrating some hypothetical and real exploits as well as discussing methods of safeguard and prevention.

Photo of Chris Shiflett

Chris Shiflett

Analog

Chris Shiflett is the Chief Technical Officer of OmniTI, where he leads the web application security practice. Chris is a thought leader in the PHP and web application security communities as well as a prolific writer. He is the author of the critically-acclaimed Essential PHP Security (O’Reilly) and HTTP Developer’s Handbook (Sams). His writing has also appeared in numerous articles for php|architect and PHP Magazine, as well as a number of other popular books including Programming PHP (O’Reilly), PHP Cookbook (O’Reilly), and PHP in Action (Manning).

OSCON 2008