JSFoo 2014

JavaScript as the centerpiece of a complex web stack

Safety Not Guaranteed

Submitted by Akash Mahajan (@makash) on Friday, 18 July 2014

videocam_off

Technical level

Beginner

Section

Crisp talk

Status

Confirmed & Scheduled

View proposal in schedule

Vote on this proposal

Login to vote

Total votes:  +9

Objective

There is a lot of talk about how it makes sense to move Business Logic to the browser using one of the new JavaScript MVC frameworks. The question is how safe are these? How do they think about security? Have they had to face security issues, if yes how did they deal with them in the past.

Description

In about 30 minutes, we will look at the various JavaScript MVC frameworks out there and quickly figure out how they think about security. We will look at some of the security issues already found and how these frameworks and the people behind them responded.

Requirements

Come with an open mind that JS Frameworks are written by humans who can make mistakes.

See the following movie and come attend the talk.

Safety Not Guaranteed is a 2012 movie about time travel. IMDB

Poster

Speaker bio

I am not the best person to do this session. I am not really a JavaScript developer or I am the best person to find the flaws in JS frameworks. But I would like to learn about this and speaking at a conference allows me to do just that. Now I have a deadline and a scope (for learning) and I do know someone @skeptic_fx and his blog whose help I can seek.

Those of who are looking for a more traditional Bio

That Web Application Security Guy @ The App Sec Lab

I run The App Sec Lab a security company that helps companies become secure. If you are confused about anything in security come and talk to me and I can help you with a roadmap on how to become secure and stay that way.

I am the co-founder+Community Manager for “null - The Open Security Community” and Co-Chapter Lead for OWASP Bangalore

Links

Comments

Login with Twitter or Google to leave a comment