This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Friday, May 12 • 16:15 - 17:00
Combining the Security Risks of Native and Web Development: Hybrid Apps

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Cross-platform frameworks, such as Apache Cordova, are becoming increasingly popular. They promote the development of hybrid apps that combine native, i.e., system specific, code and system independent code, e.g., HTML5/JavaScript. Combining native with platform independent code opens Pandora's box: all the the security risks for native development are multiplied with the security risk of web applications.

In the first half of our talk, we start our talk with short introduction into hybrid app development, present specific attacks followed by a report on how Android developers are using Apache Cordova. In the second half of the talk, we will focus on developing
secure hybrid apps: both with hands-on guidelines for defensive programming as well as recommendations for hybrid app specific security testing strategies.

avatar for Achim D. Brucker

Achim D. Brucker

The University of Sheffield
Dr. Achim D. Brucker (www.brucker.ch) is a Senior Lecturer and consultant at The University of Sheffield, UK where he heads the heads the Software Assurance & Security Research Team (logicalhacking.com). Until December 2015, he was a Research Expert (Architect), Security Testing... Read More →
avatar for Michael Herzberg

Michael Herzberg

PhD Student, University of Sheffield
Michael is a PhD student at the University of Sheffield, working together with Achim Brucker. His focus lies on formal methods for building secure systems, in particular ones using web technologies. Previously he graduated from the | Karlsruhe Institute of Technology, Germany... Read More →

Friday May 12, 2017 16:15 - 17:00
Waterfront Center: Hall 1B

Attendees (20)