Abstract from 'Ajax: Security Considerations' - Rob Tweed
Submitted by michelle.stevenson on Fri, 06/13/2008 - 10:41.
Modern web applications are increasingly adopting Ajax techniques to provide a slick user experience. With the increased reliance on JavaScript that comes with Ajax, much of the logic that previously would have been safely tucked away and out of sight on the server is progressively moving into view on the browser. Meanwhile, in the view of gurus such as Douglas Crockford, the web as an application delivery system is "hopelessly insecure".
In this presentation Rob will examine some of the critical security issues that confront the Ajax developer, and will provide some useful "dos and don'ts" based on his experience working with customers who are deploying highly secure applications that handle sensitive personal and financial information.