Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

SSL Traffic Interception on Mobile Devices - Analysis and Protection

OWASP Foundation via YouTube

Overview

Explore the world of SSL traffic interception on mobile devices in this 52-minute conference talk from APPSEC Cali 2018. Dive into an analysis of over ten million SSL validation failure reports from iOS and Android apps, uncovering where, how, and why SSL incidents occur globally. Discover various classes of SSL incidents, from well-known corporate traffic inspection to unexpected and suspicious actors. Learn about real-world solutions to protect mobile apps against traffic interception and attacks. Gain insights from Alban Diquet, Head of Engineering at Data Theorem, as he shares findings on security protocols, data privacy, and mobile security. Explore topics such as SSL pinning, server misconfigurations, development proxies, corporate networks, and spyware categories. Understand the implications of SSL interception for mobile app security and discover practical strategies for developers to enhance protection against potential threats.

Syllabus

Intro
SSL Pinning
SSL Reporting
The Data Set
Report Classification
Server Misconfiguration
Classification Categories
Development Proxies
Corporate Networks
Pins Misconfiguration
Spyware Categories
What Happened?
Spyware - Market Intel
Spyware - Ad Blocker
Spyware - Parental Control
What do we do?

Taught by

OWASP Foundation

Reviews

Start your review of SSL Traffic Interception on Mobile Devices - Analysis and Protection

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.