Case Notes from a Vulnerability Assessment of a Bank’s Web Services

  1. What happened when a bank allowed security experts to try to breach the protection of its Web Services.
  2. How a vulnerability assessment of a bank's Web Services was undertaken.
  3. Established attack vectors are applied to the Web Services paradigm.
  4. The battery of tests is described and the uncovered vulnerabilities are analyzed.

Security for AJAX and Web 2.0 [RSA Conference 2007]

  1. What is Web 2.0?
  2. Applying security to Web 2.0
  3. How is XML security relevant for Web 2.0?

Security for REST Web Services [RSA 2006, San Jose]

  1. What is "REST" anyway? How is it different from SOAP?
  2. Applying security to REST
  3. Reference architecture to protect both REST and SOAP

Mapping Security to an SOA [RSA 2005, San Francisco]

  1. What is a “Services Oriented Architecture”?
  2. How do you go about creating a “Services Oriented Architecture”?
  3. Just how important are XML and SOAP for a Services Oriented Architecture?