// December 10th, 2013 // Bachaav
Bachaav sessions are free to attend but only with prior invitation. Participants will be selected based on how they fill the registration form. All applications are evaluated by the Bachaav Champion to select those who the Champion thinks will get the most from the session. Only selected applicants will be emailed further details. Even though we would like to get everyone to attend, sometimes the topic at hand requires extensive knowledge of the subject and this means that the Champion may not feel confident to have an applicant in the session.
If you have ever wondered about the security implications which lies beneath these quirky behaviors, this session is totally for you. Talking about client-side browser security for a whole day would be cool, but how about we make it more relevant to our day to day web applications?
The session would concentrate on
- Fixing browser based injection attacks like DOM XSS
- Sandboxing the DOM properties
- Implications of polluting the global namespace
- Thought process of bypassing an XSS filters and then fixing them
- Written a few basic web applications
Bachaav Champion | @skeptic_fx
Nafeez Ahamed works as a security engineer solving exciting and new problems in the security space. His areas of expertise include client-side security and network security. Most of his time is spent, trying to find new ways to defend things in the browser. He feels that defending anything is much harder than attacking, especially if you know what the sophisticated attackers are up to.
For more information about Bachaav Workshops you can visit here.