Speaker: Subin Thayyile Kandy,
Designation: Senior Product Security Engineer at Salesforce
Topic: How to Identify Application-Level Security Attacks
Date of Webinar: February 24th, 2021
Time and Location: 9.00 am EST/ 6.00 am PST / 7.30 pm IST
Subin is a seasoned security professional with more than a decade of experience in application security and offensive security. He currently works for Salesforce as a Senior Product Security Engineer and works on continually evolving his penetration testing skills. He has worked for several banking and financial organizations like Barclays and Capital One, spanning both Defensive and Offensive security roles, and enjoys every aspect of it. During his consulting roles with Verizon, he led several offensive security engagements and advised clients on improving their threat landscape and building a better security posture. He holds several certifications like CEH and GIAC (GSSP .NET, GWAPT, GPEN, GMOB, GXPN).
A major cause of application-level security vulnerabilities is a general lack of language-level support in popular untyped scripting languages. When using these languages, it is the programmer’s job to manually verify that all user input is properly encoded.
- Common application-level attacks and reasons for them.
- Find out how to stop attacks from occurring.
*Examples, analysis, views and opinion shared by the speakers are personal and not endorsed by EC-Council or their respective employer(s)