Re: [WEB SECURITY] Rough Cut of To-Be-Published Ajax Security

["pdp (architect)" <pdp.gnucitizen@xxxxxxxxxxxxxx>]

I am curious to know what Hacking Exposed Web2.0 is going to be
about... certainly not what I am thinking, I guess.

On 8/15/07, Billy Hoffman <Billy.Hoffman@xxxxxxxxxxxxxxx> wrote:
>
>
>
>
> Just to be clear: Despite Andre putting all our names in the same sentence,
> Christopher Wells wrote his book by himself for O'Reilly. Bryan Sullivan or
> I have had no contact with him. We've been busy writing our own book, Ajax
> Security, for Addison Wesley.
>
>
>
> In the interest of fairness, other people are working on some books in this
> area as well. I know that Andrew Van Der Stock put his on hold with all the
> moving and job stuff he's been up to. The iSec guys (Alex, Zane, etc) are
> putting out a Hacking Exposed Web 2.0 book sometime this fall as well.
>
>
>
>
> Hope this helps,
>
> Billy Hoffman
>
> --
>
> Lead Researcher, SPI Labs
>
> SPI Dynamics, An HP Company
>
> http://www.spidynamics.com
>
> Phone:  678-781-4800
>
> Direct:   678-781-4845
>
>
>
>
>
> Attend SPICON 2.0 - SPI Dynamics' User Conference - and earn CPE credits.
>  Sign up today at http://www.spicon2007.com/.
>
>  ________________________________
>
>
> From: Dean H. Saxe [mailto:dean@xxxxxxxxxxxxxxxxxxxxxx]
>  Sent: Tuesday, August 14, 2007 9:27 AM
>  To: WASC Forum
>  Subject: Re: [WEB SECURITY] Rough Cut of To-Be-Published Ajax Security
>
>
>
>
> Reading this threat I picked up a copy of the Securing AJAX Applications
> book by Christopher Wells.  Too bad it only briefly touched on anything
> specific to AJAX.  Honestly this was the first O'Reilly book I have ever
> regretted purchasing since it has very little useful information that is
> related directly to its title.  If you want a high level, generic view of
> web app security, this might fit the bill...
>
>
>
>
>
>
>
>
>
> -dhs
>
>
>
>
>
>
> Dean H. Saxe, CISSP, CEH
>
>
> dean@xxxxxxxxxxxxxxxxxxxxxx
>
>
> "To announce that there must be no criticism of the president, or that we
> are to stand by the president right or wrong, is not only unpatriotic and
> servile, but is morally treasonable to the American public."
>
>
>     -- Theodore Roosevelt
>
>
>
>
>
>
>
>
>
> On Aug 11, 2007, at 11:17 PM, Billy Hoffman wrote:
>
>
>
>
>
> Andre,
>
>  I will be putting up the slides on SPI's website very soon (we are all a
> little business with post black hat stuff and the HP merger). I'll forward
> the slides to you directly as well as a copy of the free chapter.
>
>  Thanks for the interest, its going to be an awesome book,
>  Billy Hoffman
>  --
>  Lead Researcher, SPI Labs
>  Phone:  678-781-4800
>  Direct: 678-781-4845
>
>  -----Original Message-----
>  From: andreg@xxxxxxxxx on behalf of Andre Gironda
>  Sent: Fri 8/10/2007 7:59 PM
>  To: websecurity@xxxxxxxxxxxxx
>  Subject: [WEB SECURITY] Rough Cut of To-Be-Published Ajax Security
>
>  When searching for "Securing Ajax Applications", I came across this link:
>
> http://money.cnn.com/news/newsfeeds/articles/prnewswire/CLM00730072007-1.htm
>
>  What I was really looking for was this - http://isbn.nu/9780596529314
>
>  But after reading both, I'm convinced that Christopher Wells, Billy
>  Hoffman, and Bryan Sullivan really know their stuff and explain all of
>  the concepts rather well.
>
>  Did anyone get a free print copy of the sample chapter from "Ajax
>  Security" after the `Premature Ajax-ulation' talk?  I'd be interested
>  to hear which chapter they included.  I'm also having a hard time
>  finding the slides for that presentation.  Will someone please point
>  me in the right direction?
>
>  Cheers,
>  dre
>
> ----------------------------------------------------------------------------
>  Join us on IRC: irc.freenode.net #webappsec
>
>  Have a question? Search The Web Security Mailing List Archives:
>  http://www.webappsec.org/lists/websecurity/
>
>  Subscribe via RSS:
>  http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>
>
>
>


-- 
pdp (architect) | petko d. petkov
http://www.gnucitizen.org

----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]