The author of Sprajax, an open source tool for assessing the security of AJAX-enabled web applications, will be giving a session in the "Web 2.0" track at AJAXWorld Conference & Expo 2007 East being held 19-21 March, 2007, in New York's Roosevelt Hotel.

Dan Cornell, who regularly speaks for local and regional chapters of several organizations including Java Users Groups, the IEEE Computer Society, Dot Net Users Groups and the Information Systems Audit and Control Association (ISACA), will be giving a session on "Web 2.0 Security" in which he'll explain how, while Web 2.0 technologies and development techniques have opened exciting possibilities for creating new classes of web-based applications, this enhanced web functionality unfortunately introduces a new set of security risks.

"Because the techniques are so new, the risks and countermeasures are not well understood," says Cornell.

His session will explain Web 2.0 technologies and risks to these applications, examine how common web application vulnerabilities translate to Web 2.0 environments, and provide examples of attacks as well as techniques that can be used to mitigate risks.

Cornell's Sprajax -- which he donated to to OWASP -- is an open source black box security scanner used to assess the security of AJAX-enabled applications.

"By detecting the specific AJAX frameworks in use," says Cornell, "Sprajax is able to better formulate test requests and identify potential vulnerabilities."

AJAXWorld 2007 East Conference & Expo Receives
The Largest Number of Sponsor Support for Any Web 2.0 Event in 2007!

SYS-CON Events announced the "charter sponsors" of AJAXWorld Conference & Expo 2007 East which includes; Laszlo Systems (Diamond Sponsor), JackBe (Platinum Sponsor), Adobe (Platinum Sponsor), Cynergy (Platinum Sponsor), Backbase (Gold Sponsor) Google (Gold Sponsor), Nexaweb (Gold Sponsor), ICEsoft (Gold Sponsor), Oracle (Gold Sponsor), Helmi Technologies (Gold Sponsor), JetBrains (Gold Sponsor), TIBCO (Gold Sponsor), Sun Microsystems (Silver Sponsor), Parasoft (Silver Sponsor), Servoy (Silver Sponsor), Etelos (Silver Sponsor),  Microsoft (Expo Plus Sponsor),  Lightstreamer (Exhibitor Plus Sponsor),  IT Mill (Exhibitor Plus Sponsor), FrogLogic (Exhibitor Plus Sponsor), ThinWire (Expo Sponsor), Quasar Tecnologies (Expo Sponsor), Zapatec (Exhibitor Plus Sponsor), MB Technologies Bindows (Exhibitor), OpenSpot (Exhibitor), ILOG (Exhibitor), Passport Corporation (Exhibitor), Manning Publications (AJAX Book Sponsor), Apress (AJAX Book Sponsor), Conference Guru (Media Sponsor), Flash Goddess (Media Sponsor), AJAXWorld Magazine (Media Sponsor), Web 2.0 Journal (Media Sponsor), SYS-CON.TV (Media Sponsor), IT Mill (Media Sponsor), Methods & Tools (Media Sponsor), Web 2.0 Journal (Media Sponsor), and OASIS (Association Sponsor).