Session Details

Mobile apps security. Beyond XSS, CSRF and SQLi  

Level :
Intermediate
Date :
1:45 PM Saturday
Room :
5502
Interested : (79) - Registered : (34)

Presentation

This talk will be focused on how to develop secure mobile apps. We will look into specifics regarding mobile development and what are the best practices. Usually developers take into account the well-known vulnerabilities such as SQLi, XSS, CSRF, etc. forgetting about those impacting specifically the mobile platform. We will make an emphasis on all those other issues affecting the mobile platform such as protocols, secure storage, secrets, caching, logging, etc.

The Speaker(s)

img

Martin Vigo

Martin Vigo is a Product Security Engineer with a special interest in Web and Mobile Security. He also has extensive background as a Software Engineer with over 5 years of work experience. Martin does penetration testing for a living but also likes to hunt for security issues in his spare time. He enjoys the challenge of finding vulnerabilities in mobile apps he uses on a daily basis and has been acknowledged by several companies for doing a responsible disclosure of his findings.
img

Sergey Gorbaty

Sergey is a Sr. Product Security Engineer at salesforce.com focusing on mobile, authentication and web security. His background also includes working as a Software QA Engineer for over 4 years. At salesforce.com Sergey collaborates with other engineers on secure design and architecture of applications, services, API and mobile frameworks. Tennis and doing security research are Sergey's favorite past times.
  • Not Interested
  • Interested
  • Attending

SPONSORS List