The Security Risks of Web 2.0

Presented at DEF CON 17 (2009), Aug. 1, 2009, noon (50 minutes)

Web 2.0 technologies are changing the landscape of the Internet by delivering significant increases in the functionality of websites and providing a more interactive experience to the user. This rapid proliferation of new technologies is also accompanied by new attack vectors that hackers are eager to exploit. I will detail the security risks introduced by web 2.0 and how you can prevent them.

Presenters:

• David Rook
  David Rook works as a Security Analyst for Realex Payments in Dublin. He's an author of the OWASP Code Review Guide and contributes to several other OWASP projects including the browser security framework working group. He has presented at several conferences including OWASP Ireland chapter meetings. David is a member of the OWASP Ireland board and the Irish Internet Association Web Development Working Group helping to publicize web application security within Ireland. In addition to his work with OWASP and the IIA, he has his own security website and blog which can be found here: www.securityninja.co.uk/blog. He has also had articles published in (in)secure magazine. More recently he has found security flaws in the Facebook website and provided guidance to them on how to fix the flaw.

Links:

• https://defcon.org/html/defcon-17/dc-17-speakers.html#Rook
• https://infocon.org/cons/DEF CON/DEF CON 17/DEF CON 17 video and slides/DEF CON 17 - David Rook - The Security Risks of Web 2.0 - Video and Slides.mp4 (Video and Slides)
• https://www.youtube.com/watch?v=735e03ru8BA

Similar Presentations:

• THOTCON 0x1 (2010) / Dr. Evil's Guide to Web 2.0
• ToorCon: Seattle (Beta) (2007) / Web 4.0
• DEF CON 13 (2005) / Attacking Web Services: The Next Generation of Vulnerable Apps