Cloud Security Authors: Elizabeth White, Zakia Bouachraoui, Pat Romanski, Yeshim Deniz, Liz McMillan

Related Topics: Cloud Security

News Feed Item

Video: SPI Dynamics Announces the Addison-Wesley Professional Digital Short Cut Secure ASP.NET AJAX Development Written by Jason Schmitt, the Company's Group Product Manager and AJAX Development Expert

Highlights Coding Best Practices and Security Challenges to Demystify Secure AJAX Development

ATLANTA, March 19 /PRNewswire/ -- S.P.I. Dynamics, Inc. (http://www.spidynamics.com/), the leading provider of web application security testing software and services, today announced the new release of the digital Short Cut titled, Secure ASP.NET AJAX Development authored by the company's Group Product Manager, Jason Schmitt, who oversees strategy for SPI Dynamics' developer and quality assurance security testing solutions. The digital Short Cut PDF published by Addison-Wesley Professional, an imprint of Pearson Technology Group, highlights the security challenges of AJAX web applications and best practices for secure web application development with AJAX technologies. Short Cuts are concise PDF documents about a cutting-edge technology that shows great promise, or an existing technology that has reached the "tipping point" and is about to take off.

To view the Multimedia News Release, go to: http://www.prnewswire.com/mnr/spidynamics/27418/

SPI Dynamics has maintained aggressive research on AJAX for several years to ensure the entire SPI Dynamics' product line addresses the security of this rapidly growing technology. The release of Secure ASP.NET AJAX Development is another example of the company's abundant expertise in the area of AJAX security and cutting-edge technologies that define the future of web applications and Web 2.0. Microsoft's ASP.NET AJAX technologies, commonly known by the codename "Atlas," and other AJAX frameworks are changing the way web applications look and are developed, but web developers are often unaware of the security risks they are introducing into their applications with these emerging technologies.

AJAX fundamentally changes the user experience and server interaction in web applications, so developers may be taking otherwise secure applications and opening up new angles of attack for hackers. Secure ASP.NET AJAX Development outlines the increased security risk inherent with AJAX technologies and addresses how developers can use Microsoft's ASP.NET AJAX to implement secure AJAX applications. The Short Cut discusses web application security pitfalls that are common in AJAX development, given its focus on increased client processing and more frequent access to web services and databases. In addition, the digital Short Cut focuses on a few key security principles for AJAX developers-demystifying AJAX security and teaching how to develop secure AJAX applications using ASP.NET AJAX Extensions. The Short Cut concludes with a walkthrough of security testing best practices that will help effectively uncover security problems in AJAX applications during development and testing.

About the Author

Jason Schmitt is Group Product Manager for SPI Dynamics where he is responsible for overseeing product strategy and direction for the company's developer and QA products, DevInspect(R) and QAInspect(R), that help build and test secure web applications. Jason's expertise extends from product management and product development to technical consulting. His background includes senior management at EzGov in product engineering where he managed product development teams in the design, implementation and delivery of web application framework and development products for e-government, as well as consulting management where he managed projects and programs of web application development for federal, state and international governments. Prior to EzGov, Jason was a technical consultant for Ariba, and a consultant for telecom companies for Anderson Consulting. Jason often contributes articles to industry publications on secure software development. Jason holds a Bachelor of Mechanical Engineering from the Georgia Institute of Technology and a Masters of Business Administration from Georgia State University.

For more information on Secure ASP.NET AJAX Development, please visit http://www.informit.com/bookstore/product.asp?isbn=0321498100&rl=1. For more information on SPI Dynamics and securing web applications throughout the development process, please visit http://www.spidynamics.com/.

For more information on AJAX security threats and their impact, the following materials from SPI Dynamics are available:

-- White paper - "AJAX Security Dangers" http://www.spidynamics.com/assets/documents/AJAXdangers.pdf -- On Demand Webcast - "AJAX (in)security" https://download.spidynamics.com/registration/AJAX_webcast.asp About Short Cuts

Short Cuts are concise PDF documents designed specifically for busy technical professionals, published by the imprints of Pearson Technology Group. Short Cuts are tightly focused on a specific technology or technical problem. This may be a cutting-edge new technology that shows great promise, or it may be an existing technology that has reached the "tipping point" and is about to take off. Either way, written by industry experts and best selling authors, Short Cuts are the short cut to technical mastery. Short Cuts Digital PDFsNEW

About S.P.I. Dynamics, Inc.

SPI Dynamics' comprehensive suite of products and services identify and remediate web application and web services security vulnerabilities throughout the application development lifecycle. These award-winning solutions also enable security professionals, QA testers, and developers to work together to verify compliance with over 22 security policies such as SOX, HIPAA and PCI. SPI Dynamics has the most application security testing customers worldwide - over 950 clients among Global 2000 enterprises, including four out of five of the world's largest banks and nine out of ten of the largest banks in the U.S., four out of five of the largest software companies, three out of four of the largest aerospace and defense companies, the four largest accounting firms, the five largest telecommunications companies in the U.S., six out of eight of the largest technology hardware and equipment companies, two out of three of the largest healthcare companies, and over ninety U.S. Federal agencies. The Company is one of the fastest growing in the security industry, ranked 83rd on Deloitte and Touche's "Fast 500" list of growing technology companies nationwide and 220th on the Inc. 500. SPI Dynamics has strategic partnerships with Microsoft, IBM, HP and Visa. The Company's R&D team, SPI Labs, is widely recognized as a world leading authority on web application security and risk management. For more information, visit http://www.spidynamics.com/ or call (866) 774-2700.

DevInspect and QAInspect are registered trademarks of S.P.I. Dynamics, Inc. Product or service names mentioned herein are the trademarks of their respective owners.

S.P.I. Dynamics, Inc.

CONTACT: Ashley Vandiver of SPI Dynamics, +1-678-781-4841, Mobile,
+1-404-432-8657, [email protected]; or Michelle Schafer of Merritt
Group, +1-703-390-1525, Mobile, +1-703-403-6377, [email protected], for
SPI Dynamics

Web site: http://www.spidynamics.com/

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

IoT & Smart Cities Stories
Dion Hinchcliffe is an internationally recognized digital expert, bestselling book author, frequent keynote speaker, analyst, futurist, and transformation expert based in Washington, DC. He is currently Chief Strategy Officer at the industry-leading digital strategy and online community solutions firm, 7Summits.
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...
IoT is rapidly becoming mainstream as more and more investments are made into the platforms and technology. As this movement continues to expand and gain momentum it creates a massive wall of noise that can be difficult to sift through. Unfortunately, this inevitably makes IoT less approachable for people to get started with and can hamper efforts to integrate this key technology into your own portfolio. There are so many connected products already in place today with many hundreds more on the h...
The standardization of container runtimes and images has sparked the creation of an almost overwhelming number of new open source projects that build on and otherwise work with these specifications. Of course, there's Kubernetes, which orchestrates and manages collections of containers. It was one of the first and best-known examples of projects that make containers truly useful for production use. However, more recently, the container ecosystem has truly exploded. A service mesh like Istio addr...
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
Charles Araujo is an industry analyst, internationally recognized authority on the Digital Enterprise and author of The Quantum Age of IT: Why Everything You Know About IT is About to Change. As Principal Analyst with Intellyx, he writes, speaks and advises organizations on how to navigate through this time of disruption. He is also the founder of The Institute for Digital Transformation and a sought after keynote speaker. He has been a regular contributor to both InformationWeek and CIO Insight...
Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereal. Andrew's role at ConsenSys Enterprise is a mul...
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitoring and Cost Management … But How? Overwhelmingly, even as enterprises have adopted cloud computing and are expanding to multi-cloud computing, IT leaders remain concerned about how to monitor, manage and control costs across hybrid and multi-cloud deployments. It’s clear that traditional IT monitoring and management approaches, designed after all for on-premises data centers, are falling short in ...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
Dynatrace is an application performance management software company with products for the information technology departments and digital business owners of medium and large businesses. Building the Future of Monitoring with Artificial Intelligence. Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more busine...