In this highly technical seminar, we use realistic code examples (Android and iOS) and practical exercises (Android). Common attack vectors and corresponding countermeasures are presented and discussed. The focus lies on understanding the typical weaknesses of modern mobile devices and the out of that resulting know-how to implement sustainable security through the consistent application of the learned countermeasures. The following questions are addressed over and over again for the given scenario:
- How are attacks against mobile applications carried out?
- How can errors be avoided in the design and implementation phase?
- How can vulnerabilities be efficiently identified?
During the course of the seminar, an initially insecure Android application is analyzed statically and dynamically with regards to the Mobile OWASP Top 10 vulnerabilities, subsequently corrected and the changed corrected behavior validated at runtime. Our modern training environment ensures efficient access to the training material and partly supports fully automatic review of the solutions created by the participants.
All contents can be adapted specifically to your needs!
Contents
- General structuring
- Input and output handling
- Authentication and password management
- Interprocess Communication
- Session Management
- Access Control
- Cryptography
- Data storage / protection
- Error Handling and Logging
- Communications Security
- System Configuration
- File Management
- Memory Management
- Selection of considered cross-cutting topics (customizable):
- Platform specific security features
- SQLite / -Cipher
- (Shared) Preferences
- Keychain / Keystore
- Spongy Castle
- Backup
Target Group
- Software Developer
- Architects
- Project Manager
Duration
2 to 3 days or individually tailored
Requirements
Best Practices for secure Web Applications or similar level of knowledge
Trainer
 |
Mirko Richter Experienced SSDLC consultant with 15+ years of experience |
 |
Björn Kirschner Experienced penetration tester and IT security consultant |
Our training courses are aimed at companies and organisations. A training course can be economical with just three or more participants. The trainings take place at your premises or is organised by us in your desired environment.
You might be interested in these seminars
Your Contact:
Dr.-Ing. Benjamin Kellermann
Contact us via email.
Or call us or use our special contact form.
