Being held for the first time on March 18, 2008 at the historic Roosevelt Hotel in New York City, AJAXWorld Security Bootcamp is a compelling, intensive, one-day, hands-on training program that will teach Web developers, Web designers, and other Web professionals how to build secure AJAX applications and demonstrate what the best practices are to mitigate security problems in AJAX apps.

It is led by one of the world's foremost AJAX security experts and popular teachers, Billy Hoffman.

The full program is below.

Click Here to Register Now and Save!

When:  Monday, March 18, 2008: 8:30AM-5:30PM 

Where:  The Roosevelt Hotel on 45th and Madiscon, New York City

Who:  AJAX Security Bootcamp is led by:

Billy Hoffman is a lead security researcher for SPI Dynamics (www.spidynamics.com), which was purchased by Hewlett-Packard on 01 August 2007. At SPI Dynamics, he focuses on automated discovery of Web application vulnerabilities and crawling technologies. He has been a guest speaker at Black Hat Federal, Toorcon, Shmoocon, O'Reilly's Emerging Technology Conference, The 5th Hope, and several other conferences. His work has been featured in Wired, Make magazine, Slashdot, G4TechTV, and in various other journals and Web sites. In addition, Billy is a reviewer of white papers for the Web Application Security Consortium (WASC), and is a creator of Stripe Snoop, a suite of research tools that captures, modifies, validates, generates, analyzes, and shares data from magstripes. He also spends his time contributing to OSS projects and writes articles under the handle Acidus.


Billy was a featured speaker at AJAXWorld Conference & Expo 2007 West.

Join Billy and your fellow Bootcamp delegates at the AJAXWorld Security Bootcamp on March 18. We'll see you in New York City!

Click Here to Register Now and Save!

AJAX Security Bootcamp Outline
8:30-8:45am	Introductions and Participant Goals
8:45-9:30am	Live AJAX hacking demo Step by step walk through of hacking an AJAX travel site
9:30-10:30am	Web Security Overview of traditional web security Resource enumeration attacks Injection attacks Information Disclosure
10:30-10:45am	Break
10:45am-11:45am	AJAX Attack surface Scoping the application Input validation Rich input validation
11:45am-12:30pm	Transparency in AJAX Applications Manipulating variables Control flow tampering Control logic Denial of Service Reverse engineering JavaScript Trapping on-demand AJAX
12:30-1:30pm	Lunch
1:30-2:30pm	Advanced AJAX Hacking AJAX hijacking Presentation layer hacking Client-side storage
2:30-3:30pm	Complex AJAX Application Hacking Web mashups Gadgets and Widgets Offline AJAX application
3:30-4:15pm	Audience Hacking Lab Instructor supervised hacking of AJAX application
4:15-5:15pm	Secure AJAX Development and Testing Secure coding practicess Framework security features Testing AJAX applications Preserving trust
5:15-5:30pm	Q&A

Click Here to Register Now and Save!