By Dan Cornell
BSides Austin 2013 was at the end of last week and one of the things I did while I was there was give a short, two hour training session titled "Developing Secure Mobile Applications" This is a (very) cut down version of some of the instructor-led training classes we give on developing secure mobile applications and testing the security of mobile applications. Slides are online:
The abstract for the training was:
This course provides an introduction to security for mobile applications. It walks through a basic threat model for a mobile application. This threat model is then used as a framework for making good decisions about designing and building applications as well as for testing the security of existing applications. Examples are provided for both iOS (iPhone and iPad) and Android platforms and sample code is provided to demonstrate mobile security assessment techniques.
dan _at_ denimgroup.com