Great Dane Tech

Great minds building great systems
RSS

Archive for the ‘Security’ Category

Ajax Security

Posted by admin on November 17th, 2009 No Comments

Ajax is sweeping across Web site development projects like a wildfire. Ajax is a multi-dimensioned technology with communications back-and-forth between client and server and manipulation of the document object model (DOM) at the browser. The power of Ajax enables browser-based applications to perform much like a desktop application with real-time notifications, partial-page refreshing, and other inviting features. However, this power comes at the price of additional security threats and must be managed accordingly. Some of these threats include:

  • Security controls embedded in client-side scripts where attackers can access and modify
  • Increased complexity of the programming domain, therefore increasing the testing requirements and the potential for attacks
  • Lack of authentication and input validation controls for the non-business user audience
  • Increased potential for cross-site scripting and cross-site request forgery attacks
  • Dynamic JavaScript evaluations leading to the potential for dynamic JavaScript script attacks

The Ajax landscape is definitely and exciting one, but fraught with new threats. Therefore, a shrewd development team must incorporate new methodologies and testing techniques to thwart these new threats.

  • Share/Bookmark
Tags: , , , , , , ,

SEO and Site Security

Posted by admin on October 8th, 2009 No Comments

Search engine optimization (SEO) and security for your site can mean the difference between success and failure. When building a site it is extremely important that these two concepts are addressed from the initial design all the way through deployment of your site. Search engines are becoming very sophisticated, therefore, your SEO techniques must be just as sophisticated. Hackers and intruders are constantly discovering ways to steal information, hijack sessions, and ruin your site’s performance. Issues such as cross-site scripting (XSS), cross-site request forgery (XSRF), executable JavaScript data blocks, image tag piggy-backing, and other threats are just some of the latest techniques being used to invade a site’s private data.

Please take time to review our customers’ sites and ask our customers how we helped them to optimize for SEO and reduce security threats in order that they might use their time and resources to promote products and services and drive business success.

  • Share/Bookmark
Posted in SEO, Security

Log in | Entries (RSS) | Comments (RSS)