Agenda
• Components and Terminology
• Web Services Threats
• Web Services Hacking
• Web Services Hardening
• Conclusion and Questions
Web Services Stack
Web Services Stack
Presentation Layer
XML, AJAX, Portal, Other
Security Layer
WS-Security
Discovery Layer
UDDI, WSDL
Access Layer
SOAP, REST
Transport
HTTP, HTTPS, JMS, Other