Ofer Shezaf, Head of HP Web Application Security Research Group
HTML5 is the latest buzzword in web development and hailed as the technology that will revolutionize the web. More than any other upcoming technology, security executives and practitioners need to be aware of it and its security implication. The presentation will start with an overview of HTML5, its importance to web and mobile application development and its adoption status. Based on this overview, the presentation will explore the security implications of HTML5 use for application development and present examples of new HTML5 threats such as client side SQL injection and cross origin attacks. The presentation will conclude with a discussion on securing HTML5 application in development and in production using secure development life-cycle management tools and recommend practical steps to bootstrap this security effort.