Press Release


Email. Email press release link

July 6, 2007

Securing Ajax Applications--New from O'Reilly: Checks and Balances for Greater Security

Sebastopol, CA--"Deciding to add security to a web application is like deciding whether to wear clothes in the morning, " writes security expert Christopher Wells. "Both decisions provide comfort and protection throughout the day, and in both cases the decisions are better made beforehand rather than later."

In his new book--Securing Ajax Applications (O'Reilly, $49.99)--Wells explains: "If your application is on the Internet, it is on the front lines of your network. It is like a door to the outside world that allows visitors to come in and check out whatever you have to offer. Your application needs to be secure and you need to be aware of the dangers an application can open to your network."

That's why Wells aims to teach web developers and programmers how to make vital security decisions before problems arise. And throughout his new book, Wells also systematically explores methods for maintaining web application security in today's open and creative Web 2.0 environment. And he details how to locate gaps and what to do to plug vulnerabilities before attackers take advantage of them.

Securing Ajax Applications covers basic security techniques and examines vulnerabilities with JavaScript, XML, JSON, Flash, and other technologies. Wells, also, clearly and succinctly explains how the same back-and-forth communication that makes Ajax so responsive also gives invaders new opportunities to gather data, make creative new requests of a server, and interfere with exchanges between websites and their visitors. This timely resource teaches developers how to build secure Ajax applications.

Topics include:

  • An overview of the evolving web platform, including APIs, feeds, web services, and asynchronous messaging
  • Web security basics, including common vulnerabilities, common cures, state management, and session management
  • How to secure web technologies, such as Ajax, JavaScript, Java applets, Active X controls, plug-ins, Flash, and Flex
  • How to protect your server, including front-line defense, dealing with application servers, PHP, and scripting
  • Vulnerabilities among web standards such as HTTP, XML, JSON, RSS, ATOM, REST, and XDOS
  • How to secure web services, build secure APIs, and make open mashups secure

Wells convincingly demonstrates why web security isn't just for administrators and backend programmers. Indeed, web applications don't have security guards to protect them. And there is no enforcer to beat the living bytes out of would-be attackers. Today it's up to web developers everywhere to build security into their applications.

"For applications to succeed they must have our trust," Wells says. "Trust should be earned." Wells urges developers to use security as their distinction --and "Securing Ajax Applications" shows them how.

Christopher Wells has deployed security solutions for major healthcare, telecommunication, and financial industries, and is currently employed as an Information Security Consultant for a major financial institution. He is an accomplished applications security architect with over 10 years of application security experience. Christopher holds multiple security certifications including a Certified Information Security Systems Professional (CISSP).

More information about the book, including table of contents, index, author bio, and samples

Securing Ajax Applications: Ensuring the Safety of the Dynamic Web Christopher Wells ISBN: 0-596-52931-7, $44.99 USD order@oreilly.com
1-800-998-9938; 1-707-827-7000

About O'Reilly

O'Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O'Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption by amplifying "faint signals" from the alpha geeks who are creating the future. An active participant in the technology community, the company has a long history of advocacy, meme-making, and evangelism.

Return to: O'Reilly Press Room

Recent Press Releases


11/5/14 O'Reilly Media Acquires Video-Training Firm Infinite Skills
10/7/14 O'Reilly and Cloudera Announce Expanded Partnership
9/18/14 Databricks and O'Reilly Media Launch First Apache Spark Developer Certification Program
8/4/14 O'Reilly Media Acquires Full Ownership of Safari Books Online
2/26/14 Solid Heralds the Merging of the Physical and Virtual Worlds

Press Release Archive »

Resources

Press Contacts

Corporate

Sara Winge
800/998-9938 x7109

Media Relations - North America

Sara Peyton
800/998-9938 x7118

Media Relations - Germany

Corina Pahrmann
+49-221-973160-22

Media Relations - Japan

Kenji Watari
+81-3-3356-5227

Media Relations - United Kingdom

Helen Coding
+44 (0)1252-721284

Media Relations - Conferences

Maureen Jennings
800/998-9938 x7083