InfoQ Homepage Presentations SOA Threat Modeling: Attacking and Defending REST, XML and SOAP-based Services

SOA Threat Modeling: Attacking and Defending REST, XML and SOAP-based Services

Bookmarks

View Presentation

Speed:

Download

50:07

Summary

Jason Macy explains what are the security threats targeting SOA implementations, the basic requirements for security testing and SOA gateway, attack examples and countermeasures to protect against SQL Injection, DoS, XSD Mutation, and Identity type of attacks.

Bio

Jason Macy is the CTO at Crosscheck Networks, responsible for SOA Web Services based technologies. He previously served as VP of Engineering for Forum Systems, developing the industry's only FIPS certified hardware security gateway for XML and SOA. He was also architect for Raytheon responsible for testing and commissioning the Air Traffic Control system at Schipol Airport in Amsterdam, Holland.

About the conference

The International SOA Symposium is a yearly event that features the top SOA experts and authors from around the world, providing a series of keynotes, talks, demonstrations, panels, and SOA training and certification workshops - all with an emphasis on realizing SOA in the real world.