Ajax applications should be open yet secure. Far too often security is added as an afterthought. Potential flaws need to be identified and addressed right away. This book explores Ajax and web application security with an eye for dangerous gaps and offers ways that you can plug them before they become a problem. By making security part of the process from the start, you will learn how to build secure Ajax applications and discover how to respond quickly when attacks occur.
An overview of the evolving web platform, including APIs, feeds, web services and asynchronous messaging
Web security basics, including common vulnerabilities, common cures, state management and session management
How to protect your server, including front-line defense, dealing with application servers, PHP and scripting
Vulnerabilities among web standards such as HTTP, XML, JSON, RSS, ATOM, REST, and XDOS
How to secure web services, build secure APIs, and make open mashups secure
Securing Ajax Applications takes on the challenges created by this new generation of web development, and demonstrates why web security isn't just for administrators and back-end programmers any more. It's also for web developers who accept the responsibility that comes with using the new wonders of the Web.
Christopher Wells has deployed security solutions for major healthcare, telecommunication, and financial industries, and is currently employed as an Information Security Consultant for a major financial institution. He is an accomplished applications security architect with over 10 years of application security experience. Christopher holds multiple security certifications including a Certified Information Security Systems Professional (CISSP), and holds a Bachelor degree from the University of Minnesota.