Web 2.0 Security
Adopting Web 2.0 as the new, user-centric, service-oriented platform offers both irresistible business opportunities and undeniable security threats. The security management challenges posed by Web 2.0 applications, such as social networking sites and microblogs, are numerous, as are the security vulnerabilities inherent in the underlying Internet infrastructure and scripting languages. How do you balance the benefits against the risks?
The two-day Web 2.0 Summit 'track' at SX will provide in-depth answers to questions such as:
- What is on your secure browser wish list, and how do Microsoft Azure, Google Chrome, Internet Explorer 8 and other projects stack up?
- Are any of the new browsers and platforms truly prepared for cloud computing, and is the cloud is ready to handle business-critical activities?
- How do you balance the benefits cloud computing can provide (great defenses against denials of service), against the risk of exacerbating the Web's already considerable security and compliance troubles?
- How do you measure the effectiveness of your organization's security efforts?
The Web 2.0 Summit will show you how to embrace Web 2.0 now as securely as is currently possible, and how to effectively work with Web developers now to head off the security problems of the future.
Session Descriptions
Sunday, May 17
1:30 pm–3:45 pm
Criminals are using the Web as a vector, and crafting more sophisticated, exceptionally targeted attacks (often capitalizing on the uncertain economy). Who are the prime targets? The Web Summit begins by examining pervasive vulnerabilities in Web-based applications and Web programming languages, and then digging into the myriad ways attackers can and are exploiting these vulnerabilities. The discussion continues with how to assess the effectiveness of your efforts to both secure your organization's own Web site and protect your sensitive data from attacks launched from other vulnerable Web sites.
Sunday, May 17
4:00 pm–5:00 pm
Who needs to exploit vulnerabilities when there are plenty of malicious ways to use legitimate applications? Social networking sites and Internet-capable mobile devices have created demand for an explosion of unvetted Web apps, and have created a culture in which personal information, business information, images, videos and audio files are all widely (and sometimes indiscriminately) shared. Is the answer simply to block those sites and devices? This segment of the Web Summit will discuss whether there are better ways to effectively manage these risks to data security-even when end users are off the clock and outside the network.
Monday, May 18
1:30 pm–2:30 pm
Criminals have already had grand success using the Web as an attack platform. Will cloud computing make attackers' job even easier, and exacerbate the already considerable risks of using Web applications for business-critical functions? On Monday, the Web Summit examines the risks of cloud computing, taking a look at what some cloud service providers are currently doing to secure cloud users' assets.
Monday, May 18
2:45 pm–3:45 pm
Despite the risks, cloud computing can also be used for good. Monday afternoon we'll look at how the widely distributed nature and superior load-balancing capabilities of the cloud can provide a tremendous defense against denials of service. Further, at how cloud-based and other Web-based security tools may actually bolster security efforts.
Monday, May 18
4:00 pm–5:00 pm
What about the browser? A browser is in a place to both protect the local device from Web-borne threats and thwart attacks that take place solely within the Web; yet none of the market-leading browsers are having success at either aim. The Web Summit wraps up by deciding what we should ask of next-gen browsers and Web-based platforms, and examining how IE8 and Google Chrome stack up.
Other Tracks:
