Blinded By Flash: Widespread Security Risks Flash Developers Dont See presented at ShmooCon 2009

by Prajakta Jagdale,

Tags: Security Web Analysis Development

Summary : Slides
In a rush to adopt the dazzling Flash technology, website developers tend to use quick and dirty hacks to get their applications to work and in the process sidestep any security features provided by the technology. The presentation will look at Flash applications encountered in the wild that are a result of insecure development practices and demonstrate the ease with which they can be compromised.
Prajakta Jagdale is a Research Engineer with the HP Web Security Research Group. Prajakta focuses on automated discovery of Web application vulnerabilities and crawling technologies. Her current research efforts are concentrated towards identifying security risks associated with RIA technologies. This research involves developing innovative techniques to enable automated web assessment tools to crawl and analyze RIA applications through the use of both static source code analysis and dynamic runtime analysis