Exclusive updates on:

You are now in FULL VIEW

CLOSE FULL VIEW

SOA Threat Modeling: Attacking and Defending REST, XML and SOAP-based Services
Recorded at:

by Jason Macy on Jan 18, 2011 |

View Presentation

MP3
|
Slides
download

Summary
Jason Macy explains what are the security threats targeting SOA implementations, the basic requirements for security testing and SOA gateway, attack examples and countermeasures to protect against SQL Injection, DoS, XSD Mutation, and Identity type of attacks.

Bio

Jason Macy is the CTO at Crosscheck Networks, responsible for SOA Web Services based technologies. He previously served as VP of Engineering for Forum Systems, developing the industry's only FIPS certified hardware security gateway for XML and SOA. He was also architect for Raytheon responsible for testing and commissioning the Air Traffic Control system at Schipol Airport in Amsterdam, Holland.

The International SOA Symposium is a yearly event that features the top SOA experts and authors from around the world, providing a series of keynotes, talks, demonstrations, panels, and SOA training and certification workshops - all with an emphasis on realizing SOA in the real world.

Related Editorial

Related Vendor Content

451 Group Analyst Report: Review of Intel & Mashery API Management Platform

API Management - Application Security Made Easy

Cluster-Wide Caching & Scaling for the Cloud - A Look Inside Resin 4.0

A Unified Mobile Architecture for the Modern Data Center

Enterprise-class API Patterns for Cloud & Mobile

Related Sponsor

*Cloud API Management – the Service Gateway Approach
*451 Group Analyst Report: Review of Intel & Mashery API Management Platform

Hello stranger!

You need to Register an InfoQ account or to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Community comments

How to avoid XMLS SQL attacks by Tor Arne Kvaløy Posted

Informative presentation by Robert Sullivan Posted

Nice presentation by Bruno Vernay Posted

How to avoid XMLS SQL attacks by Tor Arne Kvaløy

Avoid this attack by not including SQL statements in your web service! :)

Informative presentation by Robert Sullivan

Very interesting. Thanks for posting this informative presentation!

Nice presentation by Bruno Vernay

I like the end where he outline the point that security and identity enforcement points are not anymore in the application.
Welcome SAML and XACML.

Close

by

on

Close

Close

Close

Popular
Week
Month
6 months

Personalize Your Main Interests

Development

Architecture & Design

Process & Practices

Operations & Infrastructure

Enterprise Architecture

General Feedback

feedback@infoq.com

Bugs

Advertising

sales@infoq.com

Editorial

editors@infoq.com

InfoQ.com and all content copyright © 2006-2013 C4Media Inc. InfoQ.com hosted at Contegix, the best ISP we've ever worked with.
Privacy policy