When: 1:45 PM Saturday
Where: Room 5502
Silicon Valley Code Camp: October 11th and 12th, 2014

Session

Mobile apps security. Beyond XSS, CSRF and SQLi

This talk focuses on how to develop secure mobile apps. We will look at the specifics of mobile development and the best practices that apply. Beyond SQLi, XSS and CSRF, we will cover protocols, secure storage, secrets, caching, logging...

About This Session

This talk focuses on how to develop secure mobile apps. We will look at the specifics of mobile development and the best practices that apply. Developers usually take into account well-known vulnerabilities such as SQLi, XSS and CSRF, but forget about those that specifically affect the mobile platform. We will emphasize those other issues, such as protocols, secure storage, secrets, caching and logging.

The Speaker(s)

Martin Vigo

Product Security Engineer, Salesforce.com

Martin Vigo is a Product Security Engineer with a special interest in Web and Mobile Security. He also has an extensive background as a Software Engineer, with over 5 years of work experience. Martin does penetration testing for a living but also likes to hunt for security issues in his spare time. He enjoys the challenge of finding vulnerabilities in mobile apps he uses on a daily basis and has been acknowledged by several companies for responsibly disclosing his findings.

Sergey Gorbaty

Salesforce

Sergey is a Sr. Product Security Engineer at salesforce.com focusing on mobile, authentication and web security. His background also includes working as a Software QA Engineer for over 4 years. At salesforce.com Sergey collaborates with other engineers on the secure design and architecture of applications, services, APIs and mobile frameworks. Tennis and security research are Sergey's favorite pastimes.