Untitled Document

Frontend engineers, developers, consultants, architects, programmers, project managers and those looking for hands-on, intense technical training to help them stay in front of the latest Web technology!

"The trainer was excellent. The material too."

"The hands-on, although long, was useful and educational."

"All three of the sections had very practical exercises with instant gratification...Hands-on is best!"

"The instructor was good. He answered questions thoroughly."

"Good overview of AJAX, Design Patterns, comparison of frameworks, widgets, recommendations."

"Well designed and organized. Good mix of lecture vs lots of hands-on."

"The hands-on aspect of the class was invaluable."

Untitled Document

AJAX Security Bootcamp

Led by one of the world's foremost AJAX security experts and teachers!

Back By Popular Demand !
The world's first-ever full one-day, totally immersive "AJAX Security Bootcamp"

What: A wild success from the very first time we ran it, AJAXWorld Security Bootcamp is a compelling, intensive, one-day, hands-on training program that will teach Web developers, Web designers, and other Web professionals how to build secure AJAX applications and demonstrate what the best practices are to mitigate security problems in AJAX apps.

When: Being held October 20, 2008 at The Fairmont Hotel in San Jose, CA.

Who: AJAX Security Bootcamp is led by:

Billy Hoffman is a lead security researcher for HP, where he focuses on automated discovery of Web application vulnerabilities and crawling technologies. He has been a guest speaker at Black Hat Federal, Toorcon, Shmoocon, O'Reilly's Emerging Technology Conference, The 5th Hope, and several other conferences. His work has been featured in Wired, Make magazine, Slashdot, G4TechTV, and in various other journals and Web sites. In addition, Billy is a reviewer of white papers for the Web Application Security Consortium (WASC), and is a creator of Stripe Snoop, a suite of research tools that captures, modifies, validates, generates, analyzes, and shares data from magstripes. He also spends his time contributing to OSS projects and writes articles under the handle Acidus.

Billy has been a featured speaker at previous AJAXWorld RIA Conferences.

Join Billy Hoffman and your fellow attendees at the AJAXWorld Security Bootcamp on October 20. We'll see you in San Jose, California!

AJAX Security Bootcamp Outline

8:30-8:45am Introductions and Participant Goals

Live AJAX hacking demo

Step by step walk through of hacking an AJAX travel site


Web Security

Overview of traditional web security

Resource enumeration attacks

Injection attacks

Information Disclosure

10:30-10:45am Break

AJAX Attack surface

Scoping the application

Input validation

Rich input validation


Transparency in AJAX Applications

Manipulating variables

Control flow tampering

Control logic Denial of Service

Reverse engineering JavaScript

Trapping on-demand AJAX

12:30-1:30pm Lunch

Advanced AJAX Hacking

AJAX hijacking

Presentation layer hacking

Client-side storage


Complex AJAX Application Hacking

Web mashups

Gadgets and Widgets

Offline AJAX application


Audience Hacking Lab

Instructor supervised hacking of AJAX application


Secure AJAX Development and Testing

Secure coding practicess

Framework security features

Testing AJAX applications

Preserving trust

5:15-5:30pm Q&A

Click Here to Register Now and Save!

Untitled Document
Call 201 802-3020 or Click Here to Save $100
Early Bird Registration Price
($100 Savings Expires
September 5th, 2008)
Your registration includes a full day hands-on education, Lunch and Coffee Breaks. Attendees successfully completing the Bootcamp will receive a certificate of completion from AJAXWorld University.


The conference theme of AJAXWorld Conference & Expo 2008, the next San Jose iteration of the world’s most successful and wide–ranging conference and expo series, is "Rich Web Technologies for Enterprise Web 2.0 and Social Applications."

This year at AJAXWorld conferences the relentless focus is not only on where AJAX is now but also where AJAX is headed, where Enterprise Web 2.0 and social applications are taking the software development industry and the end user, and how rich Web technologies are transforming our businesses and our lives. You will learn how AJAX is making money and gaining market-share for some of the leading businesses in the world. (more...)


AJAXWorld Conference Live News Coverage
The official Release Candidate of Windows 7 will be available for download by MSDN and TechNet subscribers from April 30, according to the Windows Team Blog, but public availability won't begin till May 5th.
In ASP.NET 2.0, we introduced a very powerful set of application services in ASP.NET (Membership, Roles and profile). In 3.5 we created a client library for accessing them from Ajax and .NET Clients and exposed them via WCF web services. For more information on the base level ASP.NET ...
Microsoft introduced Silverlight as cross-platform, cross-browser next generation RIA solution. This session will use real world implementations to show you how to build a Silverlight application from start to finish, as well overall strategy why we should or shouldn't use Silverlight....
The Web has evolved into a structured data space of loosely connected databases, enabling granular data access-by-reference to Web-accessible entities, courtesy of HTTP. This evolution and the emergence of AJAX-based RIA technologies lay the foundation for a new generation of libraries...
SaaS based applications continue to grow at a staggering rate. According to software market analysts, SaaS represented approximately 5% of business software revenue in 2005 and, by 2011, 25% of new business software will be delivered as SaaS and will grow at a 21% % annual growth rate ...
Come see a no-slides, code-only presentation that starts with a blank directory and builds a data-driven, AJAX enabled, ASP.NET web application from scratch that implements common AJAX patterns with the rich set of AJAX Control Toolkit, accesses data with LINQ, and implements standards...
Today, there is a wealth of technologies to take advantage of to add AJAX behaviors to your Spring-based Java Web applications. This session will assume you know the basics of AJAX and Spring, and will dive straight into evaluating the leading AJAX technologies, and how to integrate th...
JavaScript is one of the most interesting and misunderstood programming languages in common use today. Most developers will go their entire careers without realizing its full potential. It's not often that you get a language that supports the feature set that JavaScript does, while sti...
As the mobile Web matures, we see more and more people running around airports with their mobile devices in hand, searching for hotel rooms, reading the news, or just playing video games. People are more connected with their mobile phone today than any other electronic device they use....
Apple has introduced a number of extensions to the JavaScript programming language to assist iPhone Web developers. Including new fast lookup functions, native SVG graphics processing, CSS effects, database storage and full screen mode. These new functions will transform the way Web an...