Black Hat Webcast No. 8

Rich Internet Application Security

Thursday, February 26 1:00 pm PST/4:00 pm ET • FREE

Speakers:

• Jeff Moss, Founder and Director of Black Hat
• Billy Hoffman, HP
• Alex Stamos, iSec
• Peleus Uhley, Adobe

WebSync Version

Audio Version

Overview:

Rich Internet Application (RIA) frameworks are seeing an enormous growth in popularity - technologies like Ajax and Flash create nearly unlimited opportunities to expand and improve the web user experience. They also bring with them a host of new security risks. The popularity of these frameworks among application developers insures that we'll see more attacks and issues in the months and years ahead.

Join Black Hat Founder and Director Jeff Moss and his guests Billy Hoffman of HP and Alex Stamos of iSec for a lively discussion of new issues and security implications in the world of Rich Internet Applications.

Billy Hoffman

Billy Hoffman is the manger for HP Security Labs of HP Software where he leads research focused on JavaScript source code analysis, automated discovery of Web application vulnerabilities, and web crawling technologies. His work has been featured in Wired, Make magazine, Slashdot, G4TechTV, and in various other journals and Web sites. Billy is regular presenter at hacker conferences including Toorcon, Shmoocon, Phreaknic, Summercon, and Outerz0ne and is active in the South East hacking scene. Occasionally the suits make him takes off the black t-shirt and he speaks at more mainstream security events including as RSA, Infosec, AJAXWorld, and Black Hat. Billy is also the author of the book Ajax Security published by Addison Wesley in December 2007.

Alex Stamos

Alex Stamos is a Founding Partner of iSEC Partners and is an experienced security engineer and consultant specializing in application security and incident response. He is a leading researcher in the field of web application and web services security and has been a featured speaker at top industry conferences such as BlackHat, DefCon, SyScan, Infragard, Microsoft BlueHat, Toorcon, the Web 2.0 Expo and OWASP AppSec. He holds a BSEE from the University of California, Berkeley, and spends his spare time chasing his baby son and sailing on the SF bay.

Peleus Uhley

Peleus Uhley is a senior security researcher within the Secure Software Engineering team at Adobe. His primary focus is assisting with Adobe platform technologies, including Flash Player and AIR. Prior to joining Adobe, Peleus started in the security industry as a developer for Anonymizer, Inc., and went on to be a security consultant for @stake and Symantec.