Overview
Explore the evolution and practical application of OWASP Mobile Application Security Verification Standard (MASVS) in this 29-minute conference talk by Brendan Hann, Mobile AppSec Advocate and Product Solution Leader at NowSecure. Gain insights into the most common security issues plaguing developers and security teams, based on extensive pen testing and scanning of mobile apps. Delve into key aspects of mobile app security, including data storage, network calls, authentication, coding practices, and reverse engineering. Learn how to leverage OWASP MASVS and real-world experience to enhance your mobile app security testing skills, whether you're a novice or an experienced professional. Discover the latest tools and tactics in mobile application security, and understand the importance of Cyclone DX in the process. Conclude with resources for further learning to continue advancing your mobile AppSec knowledge.
Syllabus
Introduction
What is MASVS
Data Storage
Network Calls
Insecure Authentication
Insecure Coding
Reverse Engineering
Cyclone DX
Further Learning
Taught by
OWASP Foundation