Description:
This is the video of the presentation titled "
RIA Security: Real-World Lessons from Flash and Silverlight" given at
BlueHat 09.Abstract: With great power comes great responsibility. Rich Internet Application frameworks like Adobe Flash and Flex and Microsoft Silverlight allow developers to create unique and exciting Web applications; but if the technologies are misused, they can also allow developers to create unique and exciting Web application vulnerabilities. Furthermore, some unscrupulous people have been known to craft intentionally malicious Flash and Silverlight applications with the intent of tricking good, honest people into hosting these applications on their own Web sites.
This session will explore these issues from both the Flash and Silverlight perspectives. Learn how to create more secure RIA applications, how to identify potentially malicious RIAs before hosting them on your site, and what the Flash and Silverlight teams are doing to help protect our customers.
Speaker Bios: Peleus Uhley is a senior security researcher within the Secure Software Engineering team at Adobe. His primary focus is assisting with Adobe platform technologies, including Flash Player and AIR. Prior to joining Adobe, Peleus started in the security industry as a developer for Anonymizer, Inc., and went on to be a security consultant for companies such as @stake and Symantec.
Jesse Collins is a senior security engineer on the Silverlight team. He started his security career in 2005 by training with David Ross and his MSRC researchers for a while before working on WPF. Today, he helps secure the Silverlight platform through fuzzing, hacking, and begging devs to run OACR. Jesse also helps guide customers and Microsoft product teams about how to write secure Silverlight applications.
Tags: fun ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Comments: