Sep 2017
11 Mon
12 Tue 08:30 AM – 05:20 PM IST
13 Wed 08:30 AM – 05:30 PM IST
14 Thu
15 Fri
16 Sat
17 Sun
Sep 2017
11 Mon
12 Tue 08:30 AM – 05:20 PM IST
13 Wed 08:30 AM – 05:30 PM IST
14 Thu
15 Fri
16 Sat
17 Sun
Abhisek Datta
This primer talk is intended to set the context for a wider discussion on Mobile App Security with some background on web application security. This talk will briefly introduce the participants to the various tools and techniques available in the arsenal of a potential attacker with the objective of spreading security awareness. This will allow the participants to avoid common security issues during coding and better design apps that are secure. Expectations is developers who are quite technical will be able to come up with their mitigation strategies if they know/understand attackers approach.
The talk will cover few case studies of how mobile apps can be used as entrypoints into a larger solution consisting of backend applications and services. It is a common practise to assume that credentials or open web service endpoints hardcoded in a mobile app will not be discovered. We will show how trivial it is to extract such information from an app through static analysis.
TBD
Abhisek has over 10 years experience conducting security research and security services including penetration testing, source code review and expert training. He is Head of Technology at Appsecco, where his core focus is building security automation tools & techniques. He has also conducted multiple mobile app penetration testing and proposed solutions to enhance security of mobile apps for corporate clients.
He is an active vulnerability researcher with multiple CVE credited to his name including; CVE-2015-0085, CVE-2015-1650, CVE-2015-1682, CVE-2015-2376, CVE-2015-2555, CVE-2014-4117, CVE-2014-6113.
As an open source software contributor, he has developed or contributed to multiple projects including:
{{ gettext('Login to leave a comment') }}
{{ gettext('Post a comment…') }}{{ errorMsg }}
{{ gettext('No comments posted yet') }}