By Dan Cornell
The OWASP Austin folks are setting up a great conference for the end of October. The inaugural Lonestar Application Security Conference (LASCON) is scheduled for October 29th, 2010 at the Norris Conference Center in Austin.
Check here for more information and for a registration link:
I will be giving an updated version of my “Smart Phones, Dumb Apps” presentation. The abstract is:
Enterprises are targeting both internal users and customers with smartphone applications for platforms such as Apple iPhone and Google Android. Many of these applications are constructed without fully considering the associated security implications of their deployment. Breaches can impact both users as well as the enterprise distributing the application as attackers take advantage of expanded access to sensitive data and network services. This talk discusses emerging threats associated with deploying smartphone applications and provides an overview of the threat modeling process. The presentation then walks example applications from an attacker’s perspective demonstrating the sort of information they are able to extract allowing for more advanced attacks.
This is a fun talk and you can see a preview of slides and code here: www.smartphonesdumbapps.com. I’ll have updated material so if you’ve seen it before I promise there will be new stuff.
Contact us if you would like to meet up in Austin.
dan _at_ denimgroup.com