Quick Ajax Training
TechNet Ajax web casts have a ton of Ajax related training videos that can help out security folks, and developer folks better yet, it’s all free.
If you have never used or taken a TechNet web cast, and if you are interested in Ajax, and what Ajax can do for you, this is a great place to start to get your feet wet. The link is here.
Some are good high quality, some are just those things that people need ot know to get their feet wet. Overall though, if you have no money for training, download the web cast and sit back in the office while you do other things and keep the sound track going. The good part about TechNet web casts is that you can sometimes download them, and they have screen caps or live screens of the data that they are covering.
In going through the web site, there are some that will hang, but that could be my bandwidth this morning or something else. Usually restarting the web cast or starting from scratch again for the web cast clears the problem.
The ones that I like the best
The Billy Hoffman series of Ajax training. I am a fan of what Billy does, so having access to five hours of his knowledge is a good thing. The link for that is here. The “live from redmond” series really goes deep into ajax, ajax security, and how to approach some of the issues like cross site scripting and other problems that people who do web app security see on a semi-regular basis.
It is always interesting getting the “real deal” from someone like Hoffman, and actually listening to what he has to say about ajax and ajax security. Some of it we can disagree with, some of it we can’t, and its hard to disagree when you are seeing cross site or other security issues right there on the screen. That’s why the “Live from Redmond” Ajax Security series is so good. Its hard to ignore the examples.
Outside of that, the information is very good, and makes some great background information in Ajax, what the issues are, how to solve some of the issues, and steps that developers, QA, and security folks can take to make sure that their web apps are running the way they were intended to run.