Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Stick a Pin in Certificate Pinning - How to Inspect Mobile Traffic and Stop Data Exfiltration

via YouTube

Overview

Learn about certificate pinning, its complexities, and implementation in mobile security. Explore the broken certificate trust model, government surveillance concerns, and user bypasses of security controls. Discover virtual mobile infrastructure (VMI) and mobile app virtualization architecture for protecting data outside managed networks. Examine techniques for capturing encrypted data, implementing trusted SSL proxies, and leveraging hardware-protected clients with TrustZone. Gain insights into mobile business applications, security monitoring, and strategies to prevent data exfiltration in this comprehensive conference talk from BSides San Francisco 2015.

Syllabus

Stick a Pin in Certificate Pinning
The Certificate Trust Model Is Broken
Worries over Government Snooping
Lock icon on browser is deceiving
Users Can Bypass Security Controls
Linux Foundation "Let's Encrypt" Free CA for everyone • Revoking service - Domain Validation
How Certificate Pinning Works
Complexities of Certificate Pinning
Avoid IT Desperation
How to Implement Cert Pinning
Mobile Business Applications
Virtual Mobile Infrastructure (VMI)
Mobile App Virtualization Architecture
Remote Mobile App Virtualization
Capturing Encrypted Data
VMI with Trusted SSL Proxy
Security and User Monitoring
Protecting data outside managed network
TrustZone: Hardware-Protected Clients

Reviews

Start your review of Stick a Pin in Certificate Pinning - How to Inspect Mobile Traffic and Stop Data Exfiltration

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.