Farshad Abasi, Iman Sharafaldin, Ralph Andalis, Jared Meit

Farshad Abasi, Iman Sharafaldin, Ralph Andalis, Jared Meit

Forward Security Team

Ex-software developers turned ethical hackers, we enjoy solving challenging security problems, constantly learning and having fun along the way. Code security is in our DNA.

Presentation Abstract

Hunting for Low-hanging Fruit in Web Apps

Developers without a good grasp of basic security issues are known to make the same mistakes time and time again. These can result in vulnerabilities that are used to attack the application and impact the business. Many of the issues are “low-hanging fruit” and can be avoided if the developers put themselves in the attacker’s shoes to observe, learn, and appreciate the importance of application security.

As such, it is important for all development staff to receive hands-on training to better understand common vulnerabilities such as those published by OWASP Top 10.


  • Application developers
  • Application architects
  • Other IT and technical personnel involved with the application development