Visual WebGui NOC application cannot be hacked
roy.goffer posted on February 17, 2009 :: 3032 Views
More than 1,700 users registered and thousands attempted to break into the Visual WebGui pipeline unsuccessfully during the $10,000 Security Challenge that ended this month after airing for over 3 months.
The contest offered $10,000 prize to anyone who could break into the Visual WebGui pipeline via the Visual WebGui NOC web application and required participants to provide a reproducible pathway into the Visual WebGui pipeline in order to claim the prize. Despite more than 1,700 registered break-in attempts, Visual WebGui was not hacked and the prize remains unclaimed. The Visual WebGui "Empty Client" architecture is secure by design and provides bullet-proof security to AJAX and Silverlight applications. The Empty Client approach means that the entire application flow, UI logic, and validations are developed and processed on the server and virtualized on the browser while the web browser serves as a “display” for the output and a “receptor” for user input. Thus, only essential UI data is sent to the client, which includes no applicative or sensitive data, preventing the break in and theft of confidential information on the server.
Navot Peled, CEO and founder of Gizmox commented: "The fact that no one was able to successfully hack into the Visual WebGui pipeline shows that Rich Internet Applications developed with Visual WebGui are inherently safe and secure by design... As the Empty Client name indicates, the client holds no data or logic, and every action the client wants to take must be authorized by the server first. Not only does this significantly increase security, but the Empty Client design allows events to be raised on the server for every client action while also remaining flexible enough to make web applications responsive, scalable and customizable, enhancing the end-user experience."