HTML5: Why Should You Care?

Ofer Shezaf, Head of HP Web Application Security Research Group
HTML5 is the latest buzzword in web development and hailed as the technology that will revolutionize the web. More than any other upcoming technology, security executives and practitioners need to be aware of it and its security implication. The presentation will start with an overview of HTML5, its importance to web and mobile application development and its adoption status. Based on this overview, the presentation will explore the security implications of HTML5 use for application development and present examples of new HTML5 threats such as client side SQL injection and cross origin attacks. The presentation will conclude with a discussion on securing HTML5 application in development and in production using secure development life-cycle management tools and recommend practical steps to bootstrap this security effort.
Sep 14 2011
45 mins
HTML5: Why Should You Care?
Join us for this summit:
  • Channel
  • Channel profile
  • Outthinking the Bad Guys Recorded: Feb 6 2015 22 mins
    Businesses are spending so much money on security -- almost $47 billion in 2013 -- and yet the number of breaches continues to increase. To mitigate the risks of increasingly sophisticated, innovative and persistent threats, we need to change the way we think about our security programs. In this webcast, Art Gilliland, General Manager of HP Enterprise Security Products, talks about the challenges all enterprises face from the bad guys -- and the critical steps businesses must take to defend against today's most advanced threats.
  • Defending Against Advanced Attacks Recorded: Jan 5 2015 25 mins
    A webinar with Gartner VP Mark Nicolett, provides solid tips to reduce your vulnerability.

    The recent data breach cost Target more than $60 million in recovery costs. And even that has been exceeded at other companies that have fallen victim to advanced targeted cyber attacks.

    View the webinar to learn:
    •How to present a hard target to hackers
    •How advanced persistent attacks work
    •How the SOC and NOC can work together
    •Best practices for security information and event management (SIEM)
  • Advancing Incident Management: The Next Evolution Recorded: Dec 18 2014 38 mins
    To combat advanced adversaries, we must improve our detection and response capabilities. This presentation will cover emerging processes and technologies in security operations that allow organizations of all sizes to improve their detection and response effectiveness. The capabilities presented here have been used by HP to detect and remove advanced threats for organizations across the globe.
  • Adapting Software Security Assurance for Cloud and Mobile Recorded: Nov 18 2014 49 mins
    Many organizations have been building client-server and web applications for some time, and quite a few have reached a good level of maturity in regards to building security into their SDLC. Yet that traditional model of securing applications can’t fully address the security challenges presented by mobile and cloud infrastructures and the applications built around them. The business benefits of ubiquitous and quick data access (that come with mobile and cloud) are obvious, but the security issues are very real.

    Join this discussion to find out how internal development and security groups can update their software security assurance processes so that they are embracing AND securing mobile and cloud solutions.
  • Measuring and Maturing an AppSec program Recorded: Nov 6 2014 44 mins
    Software Security Assurance (SSA) programs take many forms across various industries. What remains constant across all programs and industries is the challenge of choosing appropriate measurements. We often ask: “Is this the right metric?” “Am I collecting enough data?” “What should be reported to my managers and senior executives?” In this webinar we help you answer those questions, and we also show you how the right metrics mature your SSA program and keep it focused on business priorities.
  • Taking an AppSec Program from 0 to 60 in 30 days Recorded: Oct 16 2014 39 mins
    Whether a mandate to secure all web and mobile apps comes from a newly enlightened CIO or in response to a major security breach, beginning even a small application security program can be a daunting task. How will you know how many digital assets you have, let alone their risk profile?
    In this webinar we will explore how, using a cloud solution like Fortify on Demand, even the largest organizations can begin to scan apps immediately and rapidly scale an application security program. Identify and risk rank assets, fix critical vulnerabilities, and put in place a process to secure all new and existing applications - without hiring a separate security team.
  • 5th Annual Ponemon Cost of Cyber Crime Study Results: APJ Recorded: Oct 10 2014 56 mins
    Explore cyber crime in Asia Pacific and Japan

    The cost of cyber crime is on the rise in the APJ region, according to the 2014 Cost of Cyber Crime study from the Ponemon Institute. Among 30 companies surveyed in Australia, the reported per-company cost for Internet-driven crime was $4 million, up 8.4% from 2013. In Japan, the per-company average hit $6.9 million in the study, up 5.7% from 2013.

    On the more optimistic side, companies in the region are achieving notable ROI for their investments in cyber security solutions. The average ROI for seven security technologies was 16% in Australia and 17% in Japan. For a close-up view of these and other findings from the institute’s research in Australia and Japan, join Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, for our APJ Security webinar.
  • 5th Annual Ponemon Cost of Cyber Crime Study Results: Americas Recorded: Oct 9 2014 60 mins
    Explore cyber crime in the Americas

    In the 2014 Cost of Cyber Crime study, U.S. companies reported an average of $12.7 million in losses to cyber crime. That was the highest national average in the study by the Ponemon Institute. Among the 59 U.S. companies in the survey, the average cost of cyber crime climbed by more than 9% over the course of the year.

    Among other findings, the study noted that the most costly cyber crimes are those caused by denial of services, malicious insiders, and malicious code. These threats account for more than 55 percent of all cyber crime costs. For a fuller look at these and other findings from the institute’s study of U.S. companies, join Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, for our AMS Security webinar
  • 5th Annual Ponemon Cost of Cyber Crime Study Results: EMEA Recorded: Oct 8 2014 59 mins
    Explore cyber crime in Europe

    For its 2014 Cost of Cyber Crime study, the Ponemon Institute expanded its focus in Europe to encompass the Russian Federation, as well as France, Germany, and the United Kingdom. Collectively, the institute surveyed 137 companies in Europe in a study that found broad differences in the reported costs of cyber crime across the region. The per-company average ranged from $3.3 million in the Russian Federation to $8.1 million in Germany.

    The study results indicate that over the course of the year, cyber crime rose 20.5% in France, 17.4% in the U.K., and 7.2% in Germany. For a closer look at these and other findings from the institute’ European research, join Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, for our EMEA Security webinar.
  • HP Cyber Risk Report Recorded: Jul 23 2014 4 mins
    In application vulnerability testing performed by HP, 52 percent of total vulnerabilities found are on the client side, and 48 percent are on the server. That is one of the real-world statistics uncovered by the HP 2013 Cyber Risk Report and summarized in this informative four-minute video.

    The Cyber Risk Report video presents the data you need to separate the hype from the real threats and better plan how to spend your security dollars. View it to learn the most common kinds of attacks and to hear the one lesson learned from the in-depth study of the 2013 attack that took down South Korean Banks.
  • Closing the Book on Heartbleed - and Avoiding Future Sad Stories Recorded: May 14 2014 61 mins
    The Heartbleed vulnerability in OpenSSL forced millions of users to changed passwords and enterprises to rapidly patch thousands of servers.Because of all the publicity there continues to be a lot of CXO-level awareness around cyber security and now is the perfect time to recommend strategies for avoiding or mitigating the next Heartbleed - and there *will* be a next one. There were many lessons learned during Heartbleed than can be used to bolster your plans and your presentations to management to gain funding.
    In this SANS Special webcast, John Pescatore, SANS Director of Emerging Security Trends will present an overview on the details around Heartbleed and an update on the current status, risks and industry efforts around software security. He will then moderate a panel of vendor experts in a discussion around lessons learned from dealing with Heartbleed and best practices for mitigating or shielding the risks due to vulnerabilities in open source and other third party software. Panelists will include Joanna Burkey, TippingPoint DVLabs Manager, and Joe Sechman, Manager, Software Security Research for HP.
  • Cybercrime video Recorded: Mar 13 2014 3 mins
    Cyber criminals continue to steal data and interrupt business at alarming rates. The average annualized cost of cyber crime is $7.2 million per company per year, with a range of $375K to a staggering $58 million, according to a global study by the Ponemon Institute. That’s an increase in cost of 30 percent over last year’s global results. The most costly criminal activities come from malicious insiders, denial-of-service and web-based attacks – and no industry is immune. Fortunately, there are ways to fight back.

    In this short video you’ll learn:
    *How proactive security measures can save millions of dollars
    *What seven security technologies are key to winning the cyber crime war
    *Where to get more information and guidance
  • Stay out of the headlines for breaches / non-compliance with security analytics Recorded: Jan 23 2014 62 mins
    Tight alignment between compliance and security capabilities can make each component stronger than it would be by itself. Organizations that blend the two not only more effectively combat targeted attacks and data breaches, but also more easily meet compliance requirements and avoid expensive fines. Learn how leading organizations are leveraging continuous monitoring and incident response management to achieve a more secure and compliant enterprise.
  • 2013 4th Annual Cost of Cyber Crime Study Results Recorded: Nov 20 2013 61 mins
    Join us for the 2013 results presentation of the 4th Annual Cost of Cyber Crime Study, conducted by Ponemon Institute and sponsored by HP Enterprise Security. This study, based on a benchmark sample of U.S. organizations, shows that cyber attacks not only increased 12 percent last year, the costs associated with those attacks increased by an average of 26 percent or $2.6 million per organization. Findings from the report also show that each week, an organization can expect two of the many cyber attacks launched against it to succeed.

    Join us for this important webinar and learn how:
    • All industries and all sizes of organizations fall victim to cyber crime, but to different degrees.
    • Denial of service, malicious insiders and web-based attacks comprise the most costly crimes.
    • Attacks can be mitigated by SIEM, enterprise governance, application security testing and other prevention-focused strategies and technologies.
  • 2013 4th Annual Cost of Cyber Crime Study Results: Asia Recorded: Oct 31 2013 60 mins
    2013 Cost of Cyber Crime Study: Australia & Japan

    Join us for the 2013 results presentation of the second annual Cost of Cyber Crime study for Australia and Japan. Conducted by Ponemon Institute and sponsored by HP Enterprise Security, a total of 64 Australian and Japanese organizations participated. According to the findings, cyber attacks increased 12 percent in Australia and 32 percent in Japan. The costs associated with this increase in Australia were $772,903 and ¥265 million in Japan. “Findings from the report also show that each week Australian and Japanese organizations experienced on average 1.4 successful attacks per company”
  • 2013 4th Annual Cost of Cyber Crime Study Results: Europe Recorded: Oct 30 2013 62 mins
    2013 Cost of Cyber Crime Study: UK, Germany & France

    Join us for the 2013 results presentation of the second annual Cost of Cyber Crime study for the United Kingdom and Germany. For the first time, the research was conducted in France. Conducted by Ponemon Institute and sponsored by HP Enterprise Security, a total of 110 UK, German and French organizations participated. According to the findings, cyber attacks increased 16 percent in the UK and 21 percent in Germany. The costs associated with this increase in the UK and Germany were £904,886 and €830,169, respectively. For the first time, it was determined that the average cost of a cyber attack in France was €3.89 million. Findings from the report also show that each week UK and German organizations experienced on average 1.3 successful attacks per company. French organizations experienced an average of 1 cyber attack per company.
  • 2013 4th Annual Cost of Cyber Crime Study Results: Americas Recorded: Oct 29 2013 61 mins
    Join us for the 2013 results presentation of the 4th Annual Cost of Cyber Crime Study, conducted by Ponemon Institute and sponsored by HP Enterprise Security. This study, based on a benchmark sample of U.S. organizations, shows that cyber attacks not only increased 12 percent last year, the costs associated with those attacks increased by an average of 26 percent or $2.6 million per organization. Findings from the report also show that each week, an organization can expect two of the many cyber attacks launched against it to succeed.

    Join us for this important webinar and learn how:
    • All industries and all sizes of organizations fall victim to cyber crime, but to different degrees.
    • Denial of service, malicious insiders and web-based attacks comprise the most costly crimes.
    • Attacks can be mitigated by SIEM, enterprise governance, application security testing and other prevention-focused strategies and technologies.
  • Threat Central – Cloud based Threat Intelligence Sharing Recorded: Oct 9 2013 24 mins
    In the new generation of cyber defense, security intelligence becomes a key element. Recent technology advances provide the foundation for a new type of threat intelligence sharing platform to organize, collaborate, and manage risk more effectively. This sharing platform makes your security program more effective with actionable protection.
  • The lost art of vulnerability research Recorded: Oct 2 2013 51 mins
    What grade would you give your company on using vulnerability research to protect your organization from new security threats?
    If not an A+, learn best practices from Frost and Sullivan’s Chris Rodriguez, senior industry analyst on network security.

    In this webinar, we’ll discuss current threats that have been mitigated by leading vulnerability research and share how timely vulnerability research can help your organization prepare.
  • Insiders, Outsiders and Big Data Recorded: Sep 11 2013 46 mins
    The challenges you face today in protecting your organization from insiders, outsiders, and hacktivists include incomplete threat intelligence, minimal visibility into unstructured data, and insufficient context. In addition, modern network security systems generate such an enormous volume of events that it is hard to take action on all of them. Learn about techniques and technologies that you can use to handle high volumes of structured and unstructured data to derive true intelligence from today’s modern security systems.
Leading Security Intelligence & Risk Management Enterprise Platform
HP is a leading provider of security and compliance solutions for modern enterprises that want to mitigate risk in their hybrid environments and defend against advanced threats. Based on market leading products from ArcSight, Fortify, and TippingPoint, the HP Security Intelligence and Risk Management (SIRM) Platform uniquely delivers the advanced correlation, application protection, and network defense technology to protect today’s applications and IT infrastructures from sophisticated cyber threats. Visit HP Enterprise Security at: www.hpenterprisesecurity.com.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: HTML5: Why Should You Care?
  • Live at: Sep 14 2011 3:00 pm
  • Presented by: Ofer Shezaf, Head of HP Web Application Security Research Group
  • From:
Your email has been sent.
or close
You must be logged in to email this