Integrating Mobile Devices into Penetration Testing Programs

Explore techniques for incorporating mobile device security testing into enterprise penetration testing programs in this 40-minute conference talk from AppSec Ca 2016. Learn why assessing mobile device vulnerabilities is crucial for comprehensive security, even in organizations with mature programs. Discover methods for evaluating the effectiveness of mobile security controls, identifying risks to enterprise assets from compromised devices, and simulating real-world mobile attack scenarios. Gain insights into mobile-specific penetration testing approaches, including mobile phishing, circumventing security measures, and using compromised devices as pivot points. Watch live demonstrations of mobile device and infrastructure penetration tests, and understand how to seamlessly integrate these techniques into existing security testing frameworks to better address BYOD risks.