Andrew Hoffman

Andrew Hoffman is a senior product security engineer at Salesforce.com, where he is responsible for the security of multiple JavaScript, NodeJS, and OSS teams. His expertise is in deep DOM and JavaScript security vulnerabilities.He has worked with every major browser vendor, as well as with TC39 and WHATWG - the organizations responsible for designing upcoming versions of JavaScript and the browser DOM.Andrew has been contributing to the upcoming JavaScript language security feature “Realms,” which will provide language level namespace isolation as a native JavaScript feature.He is also researching the potential security implications of "stateless (safe / pure) modules" which could allow web portals to execute user-provided JavaScript with significantly reduced risk.You learn more about Andrew on his blog: https://www.andrewhoffman.me/