How Cybercriminals Steal Money
Attend this session and learn how you can prevent today's most significant data security vulnerabilities—the kind that leave businesses open to fraud that ranges from capturing tens of millions of credit card numbers to stealing money from bank accounts to constructing next-generation botnets. We'll review how cross-site request forgery, cross-site script inclusion and SQL injection attacks work and discuss their impact on Web 2.0, AJAX, mashup and social networking applications. We'll present industry-wide statistics on security vulnerabilities, cover emerging security trends and discuss the current state of security education. Then we'll tell you how to defend against security attacks and how to modify your software development process to achieve security, and we'll recommend certification programs, books and organizations that can help you secure your applications.
Speaker: Neil Daswani
Neil Daswani has served in a variety of research , development, teaching, and managerial roles at Google, Stanford University , DoCoMo USA Labs, Yodlee, and Bellcore (now Telcordia Technologies). While at Stanford, Neil cofounded the Stanford Center Professional Development (SCPD) Security Certification Program (http://proed.stanford.edu/?security). His areas of expertise include security, wireless data technology, and peer-to-peer systems. He has published extensively in these areas, frequently gives talks at industry and academic conferences, and has been granted several U.S. patents. He received a Ph.D. and a master's in computer science from Stanford University, and earned a bachelor's in computer science with honors with distinction from Columbia University. Neil is also the lead author of "Foundations of Security: What Every Programmer Needs To Know" (published by Apress; ISBN 1590597842; http://tinyurl.com/33xs6g )
Google Tech Talks
June, 16 2008