back to agenda
on this page
Storytime: Attacking and securing low-code apps
- 14:40
- Thu
- 16 Nov
Stage:
Briefing Stage 1
Format:
Session
Presenter:
Cyber Security Consultant, Saudi Information Technology Company (SITE)
In this briefing, I'll share a high level details (no exploits) for a real-world case I came a cross while hunting for bugs on a critical low-code app. The case unfolded as a series of discoveries, culminating in the identification of numerous vulnerabilities within the low-code application, among them being remote code execution and the takeover of a development admin account. Interesting enough, the bugs were duplicated in several other critical low-code apps.
Throughout this session, I will share my methodology in finding vulnerabilities in low-code apps with the aim to highlight common weakness associated with low-code apps which are different in nature than traditional apps.
Presenter:
Cyber Security Consultant, Saudi Information Technology Company (SITE)