iPad Pro w/ Magic KB, Surface Go 2, or $350 Off with OnDemand Training - Register Now


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

SANS@MIC -Arcane web and mobile application vulnerabilities

  • Monday, June 15, 2020 at 3:30 PM EDT (2020-06-15 19:30:00 UTC)
  • Bojan Zdrnja

You can now attend the webcast using your mobile device!



In this presentation, Bojan Zdrnja, senior SANS Internet Storm Center and CTO of a Croatian information security company INFIGO IS will go through some not so common, but devastating nevertheless, web and mobile application vulnerabilities.

Bojan's team performs almost 200 application penetration tests per year and finds a lot of critical vulnerabilities that are often overlooked not only by developers, but also by penetration testers.

We will not cover the typical, common vulnerabilities such as XSS, SQL injection and similar, that everyone (should - but they don't) know about, but will instead turn to less commonly known vulnerabilities and attack vectors on both web and mobile applications.

It does not matter if you are red, blue or purple team - details about discussed vulnerabilities will help improve your application security knowledge.

Speaker Bio

Bojan Zdrnja

Bojan is Chief Technical Officer and leads the penetration testing team at INFIGO IS, a security company based in Croatia and, more recently, the UAE.

A graduate from the University of Zagreb, Faculty of Electrical Engineering and Computing, he holds a B.S in Engineering with specialization in computer sciences. After graduating in 2002, Bojan moved to New Zealand where he worked as a Security Officer at the University of Auckland for 5 years. He's very passionate about security - network, web, mobile, IoT - you name it, he wants to break it!

Bojan holds numerous certifications, including GCIA, GCIH, GWAPT, GXPN, GMOB, GMON, GREM, as well as CISSP.

Among other periodicals, Bojan has written a security column for a leading Croatian computer magazine, is the Author of Croatian publication What are computer viruses?, Contributor to AVIEN Malware Defense Guide for the Enterprise, and he's also a senior SANS Internet Storm Center handler. When time permits, he publishes diaries about various exotic security issues that he encounters during assessments, or about analyzed attacks and malware.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.