Wednesday, November 20 • 2:00pm - 2:50pm
Javascript libraries (in)security: A showcase of reckless uses and unwitting misuses.

Sign up or log in to save this to your schedule and see who's attending!

Client side code is a growing part of the modern web and those common
patterns or libraries, that are supposed to help developer's life,
have the drawbacks to add complexity to the code exposing unexpected
features with no or little warning.
We will focus on the most popular JavaScript libraries such as jQuery,
YUI etc and common design pattern, describing how happens
that wrong assumptions can lead to unexpected, unsafe behavior.
Several code example and live demos during the talk will try to clear both
exploitation techniques and positive coding strategies.
The presentation will also show some interesting case study, collected
and identified during two years of real world applications analysis.

avatar for Stefano Di Paola

Stefano Di Paola

CTO and Co-Founder, Minded Security
Security since 2000, application security since 2004, when I made http://www.wisec.it and published several advisories. Stefano Di Paola is the CTO and a cofounder of Minded Security, where he is responsible for the Research and Development Lab. Prior to founding MindedSecurity, Stefano... Read More →

Wednesday November 20, 2013 2:00pm - 2:50pm
Belasco & Broadhurst (5th Floor) NY Marriott Marquis

Attendees (0)