Denim Group Quoted in eWeek about HTML5 Risks

Brian Prince from eWeek included some of my comments on HTML5 risks in his article “Will HTML 5 and IPv6 Find Their Way into Malware Attacks in 2010?

HTML5 is certainly exciting from a features and functionality standpoint – it offers a number of new capabilities for web application developers to create cool applications.  However – as we saw with mainframe developers who started developing web applications and web application developers who started developing AJAX applications – a lack of understanding about how new technologies work can lead to problems.  Just because you can do something doesn’t mean you should do something.  HTML5 offers a number of new capabilities that web application developers need to take a little bit of time to understand before they actually deploy applications using them.  Threat modeling is invaluable for developers who want to develop applications in a secure manner with new and exciting technologies.

Please contact us if you would like to discuss steps you can take for your organization to deploy cutting-edge technologies in a secure manner.


dan _at_


Posted via email from Denim Group’s Posterous

About dancornell

Dan Cornell has over fifteen years of experience architecting and developing web-based software systems. He leads Denim Group's security research team in investigating the application of secure coding and development techniques to improve web-based software development methodologies. Dan was the founding coordinator and chairman for the Java Users Group of San Antonio (JUGSA) and currently serves as the OWASP San Antonio chapter leader. Dan has speaks at such international conferences as RSA, ROOTs in Norway and OWASP AppSec EU.

Leave a reply