This is a multi-faceted tutorial that explores new concepts in web security. After a solid grounding in well-known exploits like cross-site scripting (XSS) and cross-site request forgeries (CSRF), I’ll demonstrate how traditional exploits are being combined with one another and with other technologies like Ajax to launch sophisticated attacks that penetrate firewalls, target users, and spread like worms. I’ll then discuss some ideas for the future, such as evaluating trends to identify suspicious activity and understanding human tendencies and behavior to help provide a better, more secure user experience.
Hi, I’m Chris Shiflett, a web developer from Brooklyn, NY, and a founding member of Analog, a web design and development co-operative.
I have authored and co-authored a few books — most notably Essential PHP Security and HTTP Developer’s Handbook — and I occasionally write articles for publications like Smashing Magazine, where I also serve on the editorial panel.
My passion for sharing ideas has brought me to a few conferences — including OSCON, Webstock, South by Southwest, and the Future of Web Apps — and events like Foo Camp, Kiwi Foo Camp, and the Microsoft Web Dev Summit.
When not in front of a computer, I can usually be found playing soccer in Prospect Park or riding my single-speed bicycle around Brooklyn.