Explore the evolution and key aspects of mobile application security in this 51-minute LASCON conference talk. Gain insights into the OWASP Mobile Security Project's advancements since 2018, including the Mobile Application Security Verification Standard (MASVS) and Mobile Security Testing Guide (MSTG). Learn about common security issues identified through extensive pen testing and app store scanning. Discover 10 essential mobile app security keys, leveraging OWASP MASVS and real-world experience. Cover topics such as app security, device testing, mobile attack surface, resilience, data storage privacy, network issues, authentication, insecure coding, and anti-tampering techniques. Explore useful tools, discuss challenges in mobile app security, and learn about IOXT certification and free resources available for improving mobile application security.
Overview
Syllabus
Introduction
What do you do
Agenda
App Security
Device Testing
Mobile Attack Surface
Resilience
Security
MASVS Overview
Data Storage Privacy
Network Issues
Authentication
Insecure Coding
AntiTampering
AntiTampering Doesnt Work
Tools
What gets in the way
Cyclone DX
MASVS Location
IOXT Certification
Free Report
Taught by
LASCON
Related Courses
-
Insiders Guide to Mobile AppSec with Latest OWASP MASVS
-
How the Latest MASVS and MSTG Specs Enhance Mobile Penetration Testing
-
Fast Forwarding Mobile Security With The OWASP Mobile Security Testing Guide
-
Mobile Rules the World - Jump into Mobile AppSec with the OWASP MAS Project
-
Fixing Mobile Application Security - OWASP Mobile Security Testing Guide
