Secure Coding for mobile Applications

In this highly technical seminar, we use realistic code examples (Android and iOS) and practical exercises (Android). Common attack vectors and corresponding countermeasures are presented and discussed. The focus lies on understanding the typical weaknesses of modern mobile devices and the out of that resulting know-how to implement sustainable security through the consistent application of the learned countermeasures. The following questions are addressed over and over again for the given scenario:

  • How are attacks against mobile applications carried out?
  • How can errors be avoided in the design and implementation phase?
  • How can vulnerabilities be efficiently identified?

During the course of the seminar, an initially insecure Android application is analyzed statically and dynamically with regards to the Mobile OWASP Top 10 vulnerabilities, subsequently corrected and the changed corrected behavior validated at runtime. Our modern training environment ensures efficient access to the training material and partly supports fully automatic review of the solutions created by the participants.

All contents can be adapted specifically to your needs!

Contents

  • General structuring
    • Input and output handling
    • Authentication and password management
    • Interprocess Communication
    • Session Management
    • Access Control
    • Cryptography
    • Data storage / protection
    • Error Handling and Logging
    • Communications Security
    • System Configuration
    • File Management
    • Memory Management
  • Selection of considered cross-cutting topics (customizable):
    • Platform specific security features
    • SQLite / -Cipher
    • (Shared) Preferences
    • Keychain / Keystore
    • Spongy Castle
    • Backup

Target Group

  • Software Developer
  • Architects
  • Project Manager

Duration

2 to 3 days or individually tailored

Requirements

Best Practices for secure Web Applications or similar level of knowledge

Trainer

Secure Coding of mobile applications Mirko Richter
Experienced SSDLC consultant with 15+ years of experience

Diese Seminare könnten Sie noch interessieren

all trainings

Wenn Sie auf der Seite weitersurfen, stimmen Sie der Cookie-Nutzung zu.
If you continue to visit the site, you agree to the use of cookies.
Privacy Policy / Cookie Policy

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close