Secure Web Services for Managers

Overview

The National Institute of Standards and Technology special publication 800-95 Secure Web Services is one of the best publications they have ever produced. It helps us understand the growth in both numbers and importance of web applications and how vulnerable they are. As they say themselves, "The advance of Web services technologies promises to have far-reaching effects on the Internet and enterprise networks. Web services based on the eXtensible Markup Language (XML), SOAP, and related open standards, and deployed in Service Oriented Architectures (SOA) allow data and applications to interact without human intervention through dynamic and ad hoc connections. Web services technology can be implemented in a wide variety of architectures, can co-exist with other technologies and software design approaches, and can be adopted in an evolutionary manner without requiring major transformations to legacy applications and databases."

SP 800-95 gives solid architectural guidance, it is a break through document, but the content is beyond the reach of most managers. When we read terms like SOA, SOAP, TLS, XML, XACML, UDDI, WSDL our eyes glaze over even though we know this is really important material. SANS wants to help. One of SANS top instructors will break it down for you step by step. By the end of the class you will understand secure web services and will be ready to ask your web team the right questions and give the right guidance. There are no prerequisites, some basic IT and IT Security previous knowledge is assumed. However, there is read ahead material for students that do not have an IT background and we highly recommend that look that material over before attending.

Laptop