Freeing Sisyphus: Declaratively Addressing Web Security Issues presented at HITBSecConf Malaysia 2009

by Lucas Adamski,

Tags: Security Web

Summary : Freeing Sisyphus: Declaratively Addressing Web Security IssuesPresentation AbstractAnother security conference, and another batch of cross-site scripting, cross-site request forgery, phishing and SSL man-in-the-middle talks. Sometimes these issues are design or implementation flaws in the web infrastructure (browsers, servers, routers, DNS, etc) but in many cases it seems like we have become resigned to these being just facts of life on the dangerous interweb.However, that might be finally changing. This talk will review some of the previous mitigations that have been implemented or suggested, and will dive into depth of some of the new features coming down the pipe.About LucasLucas Adamski heads up the security team at Mozilla, herds bugs, and tries hard to make the Internet a happier and safer place. Previously, Lucas was a Security Architect at Adobe focused on Flash Player and AIR. He also worked at @stake and developed security managed services software at Breakwater Security.