USD $1,399.00
Date | Day | Time | Duration |
27 Aug | Tuesday | 0900-17:00 ICT/GMT+7 | 8 Hours |
28 Aug | Wednesday | 0900-17:00 ICT/GMT+7 | 8 Hours |
This workshop presents a beginner-friendly approach to manual Secure Code Review (SCR), which is the result of combining multiple methods and techniques to detect more bugs during your software security reviews. The presented methodology is intended to be focused on Android application and its development environment; students will be applying such methods to a variety of apps written with different libraries and frameworks, to facilitate students in getting comfortable in understanding the structure and common issues when assessing the security of Android applications.
The workshop is meant to be highly practical where students will be offered the chance to manually review multiple snippets of vulnerable code and develop rules to increase the detection of security issues from the source code.
Overview on Secure Code Review
Code Review Methodologies
Android Apps Secure Source Code Analysis
Fundamentals of backend security: APIs and Web Services
Antonio Pandolfi is a senior security researcher experienced in software penetration testing and secure code review for web and mobile applications and technologies.
Antonio holds a Bachelor of Science (BSc) in Computer Science from the University of Pisa, where he graduated with a thesis on advanced techniques for passive Operating System (OS) fingerprinting.
He holds multiple cybersecurity certifications including OPST, eMAPT and OWSE.
During his career, Antonio matured an extensive experience in fuzz testing techniques and procedures at the Huawei Munich Research Centre (Germany), where he served as senior vulnerability researcher.
In his spare time, he enjoys researching and exploiting vulnerabilities for Internet of Things (IoT) devices and open-source projects.
Adverse Theory is a disruptive startup focused on delivering “unconventional” cybersecurity advisory services to support organizations in establishing security teams, managing large-scare security programs, and developing innovative security technologies.