
- Topics: Security, Architecture
In this presentation filmed during QCon SF 2007, Jeff Williams addressed two major security holes threatening the world of Web 2.0 applications: Cross Site Request Forgery (CSRF) and Advanced Cross Site Scripting (XSS). After explaining the threats and how they work, Jeff presented the countermeasures to be taken in order to avoid them.

- Topics: Security, Java, Design, Open Source, Web Services, Architecture
Every organization should define a standard way for developers to perform common security-related actions - authenticating, access control, validation, encoding, encryption, logging, error handling, and more.
In this talk, Jeff discusses the process of establishing a security API for your enterprise, focusing on the most critical methods needed by web application and web service developers.