Ten Secrets to Secure Mobile Applications

Daniel Miessler, Jason Haddix at AppSec USA 2014

Many high-profile mobile apps have been in the news for failures to use encryption, bad web service design, and privacy violations against users. Join us to get a grasp on how to threat model mobile applications and what their top vulnerabilities and solutions are. This talk will use the OWASP Mobile Top Ten as a framework and will introduce developers, testers, and management to techniques that will expedite the task of securing mobile applications.


Speakers

Jason Haddix
Head of Penetration Testing, Fortify
I currently facilitate information security consulting at HP, which includes developing test plans for Fortune 100 companies and competing in "bake-offs" against other top-tier consulting vendors. My strengths are web, network, and mobile assessments. I write for my own infosec website (www.securityaegis.com) that reviews industry training, interviews security professionals, and provides anecdotal/practical advice related to offensive security.

Daniel Miessler
Principal Security Architect, HP
Daniel Miessler is Principal Security Architect with HP, based out of San Francisco, California. He specializes in application security with a specific focus on web and mobile application assessments, helping enterprise customers build effective application security programs, and speaking with executives about how best to leverage technologies and processes to reduce real-world risk. In his spare time he enjoys reading and writing, programming, rowing, and table tennis.