April 24th, 2007

With 2.0 sites taking the web by storm, security is an ever important aspect of development. This near-Spring April, we welcome back New York PHP regular Chris Shiflett to discuss the latest in security.

Web 2.0 has been described as many things. It's the Web as a platform, a network of networks, the architecture of participation. However you choose to define it, the way we build applications online has changed. Web sites do more by empowering users, but this has opened a Pandora's box. Cross-site scripting (XSS), cross-site request forgeries (CSRF), and Ajax are being combined in creative new ways to launch sophisticated attacks that penetrate firewalls, target users and spread like worms. This talk examines this new threat, dubbed Security 2.0, by demonstrating some hypothetical and real exploits as well as discussing methods of safeguard and prevention.

Thanks to IBM for providing a great presentation space with seating for plenty.

As a service to our community, New York PHP user group meetings are always free and open to the public.