Flash Security

Location: 2010 Level:
Average rating: ****.
(4.00, 1 rating)

The Flash plugin is installed on over 98% of Internet accessible computers, but until recently Flash has not been widely been regarded as a threat to web security.

We discuss common Flash programming and deployment pitfalls that lead to web security issues such as information disclosure, cross site request forgery, and cross site scripting. We demonstrate how attackers find and exploit these issues, and most importantly, we present how developers and system administrators can prevent Flash based security issues on their websites.

Rich Cannings


Rich Cannings is an information security engineer at Google, specializing in web and mobile security. He co-authored “Hacking Exposed Web 2.0: Security Secrets and Solutions” and wrote the first book chapter on Flash security. Rich has a joint master degree in Mathematics and Computer Science specializing in cryptography from the University of Calgary.

  • 3Tera, Inc
  • Ascentium
  • Awareness
  • HiveLive, Inc.
  • ImageSpan
  • Jive Software
  • Juniper Networks
  • Kapow Technologies
  • Keynote Systems
  • LithiumTechnologies
  • Nokia
  • nomee
  • Qtask
  • Rackspace Hosting
  • Remy
  • TamTamy
  • Vignette
  • Yola (fka SynthaSite)
  • Znak
  • IBM
  • eBay
  • Microsoft Corporation
  • Salesforce.com
  • Adobe Systems, Inc.
  • EffectiveUI
  • Germany Trade & Invest
  • NeuStar
  • ONEsite

Sponsor & Exhibitor Opportunities

Natalia Dugandzic

Media Sponsor Opportunities

Matthew Balthazor

Speaker / Program Ideas

Have a suggestion for a speaker or topic at Web 2.0 Expo San Francisco? Send an email to: sf-idea@web2expo.com

Press/Media Inquiries

Maureen Jennings


Natalia Wodecki

Contact Us

View a complete list of Web 2.0 Expo contacts.