Andrew Hoffman
Andrew Hoffman | |
---|---|
Born | Andrew Hoffman |
Alma mater | University of Washington[1] |
Occupation | Computer security researcher |
Known for | Author of Web Application Security: Exploitation and Countermeasures[2] |
Website | andrewhoffman |
Andrew Hoffman is an American computer security researcher and technical author. He is best known for writing the book Web Application Security: Exploitation and Countermeasures,[3] which has been distributed in partnership with NGINX since 2020 in order to assist software engineers in learning application security.[4]
Andrew Hoffman has taken the stance that as the complexity of computer systems has evolved, hackers have moved from targeting networks and servers to mostly targeting bugs in application code.[5]
In a 2021 interview with SearchSecurity (a subsidiary of TechTarget), Andrew Hoffman stated that companies now gain more benefit from investing in security at the architecture phase of software development than at the coding phase. He argues this is due to the wide surface area of a modern application, which is often composed of many repeated or similar code-based modules or components.[6]
Career
JavaScript Sandboxing
While working for Salesforce.com, Andrew Hoffman was the security architect for "Lightning Locker", a client-side (browser-based) code-execution sandboxing library for the JavaScript programming language.[7]
This browser-based sandboxing technology was eventually rolled into "Realms", an upcoming JavaScript language feature. Realms will allow websites to run code in the browser from multiple third parties, without the risk of third-party code modifying first-party code or stealing data from first-party components.[8]
References
- "Andrew Hoffman". Linkedin.com.
- Web Application Security: Exploitation and Countermeasures at Google Books
- "Web Application Security: Exploitation and Countermeasures".
- "Web Application Security for Development and Security Teams".
- Hoffman, Andrew (2020). Web Application Security: Exploitation and Countermeasures. p. 17.
- "Collaboration is key to a secure web application architecture".
- Hoffman, Andrew (2020). Web Application Security: Exploitation and Countermeasures. p. 299.
- "TC39 Realms Proposal".
This article "Andrew Hoffman (security researcher)" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:Andrew Hoffman (security researcher). Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.