Serendipity Responds!
The other day I posted about Serendipity and their new offering, Enterprise Web 2.0. Dave Leandra, VP of marketing and product strategy at Serendipity was kind enough to offer a comment:
“I was suprised to read your opinion about our announcement without even reaching out to us. While skepticism is healthy - cynicism is not.
A press release does not lend itself to offer much technical detail. It does however, offer a way to initiate a discussion. I welcome the opportunity to explain what we have done here, include having the gadget evaluated by outside security experts.
Just to give you some highlights of what we have done:
web-based gadgets cache their information on 3rd parties servers (like Google and Yahoo) - we create direct links to the back-end system and store NO information on the 3rd party server. Nor do we pass any data through a 3rd party server.
once we do create the connection to the back-end system, we use the native security mechanisms - whether it be username/password, token, single sign on or something else. We DO NOT rely on some authentication scheme we invented, nor do we store credentials anywhere in our system.
all communications can use SSL end-to-end
we have taken all necessary steps to prevent cross site or cross gadget scripting.
In short, I would be happy to explain what we have done here and why this is secure. The responses so far show that the way this works is not understood. Otherwise financial institutions would not be talking to us about providing feeds to customers.
david “
So, I did reach out to him and we are having a nice little chat. He is very busy for the next few days - something exciting that I will write about later today - but he has offered to write an article for you explaining this new technology. Look for it in the coming weeks.
Related Stories
POSTED IN: Fresh feeding
0 opinions for Serendipity Responds!
No one has left a comment yet. You know what this means, right? You could be first!
Have an opinion? Leave a comment: