Security testing guidelines for mobile apps

•Descargar como PPTX, PDF•

0 recomendaciones•161 vistas

https://www.youtube.com/watch?v=EbHl7i75l5s Mobile app development companies are making things more easy by designing mobile apps that are user-friendly and secure.Mobile apps have some specific characteristics regarding penetration testing.

Software

Security Testing Guidelines for
mobile Apps
Welcome to
Presentation
http://mobilelabsinc.com/

Mobile App Threat Landscape
Location-independent (mobile)
• “Always online” and traceable
•Consumerization – devices are built for personal use
• Focus on functionality and design rather than security
• Raise of sensitive use cases for mobile apps

Mobile app development companies
are making things more easy by
designing mobile apps that are user-
friendly and secure.

Situation Mobile Security Testing
Mobile apps have some specific characteristics
regarding penetration testing
Custom guidelines have not been available
msg systems decided to develop guidelines
(MSTG) with Munich University of Applied
Sciences

Challenges
Identify differences to common penetration tests
Flexible Preconditions
App Security also depends on device security (jailbreak, different
platforms, versions, interfaces, MDM, etc.
Different attackers (internal, external, network or device access, blackbox /
whitebox, etc.

Intelligence Gathering
Try to catch as much as possible information about the app
• Consists of 2 analysis

Differences to conventional
Process
Focus mainly on the architectural/technical part
Not considering mobile specific requirements

Intelligence Gathering
Environmental Analysis
Architectural Analysis
Focus on the company behind the app
and their business case and the relating
stakeholders
• Analyze internal processes and
structures
App (network interfaces, used
data, communication with other
resources, session management,
jailbreak/rooting detection, …)
• Runtime environment (MDM,
jailbreak/rooting, os version)
• Backend services (application
server, databases, firewall, …)

Summary
Mobile Security Testing Guide …
considers mobile characteristics, but is independent from
technologies • … helps to improve transparency and repeatability
for mobile penetration testing • … is a holistic approach with
sufficient flexibility • … and ultimately helps to improve mobile
app security.

Contact information
Headquarters
3423 Piedmont Road NE
Suite 465
Atlanta, GA 30305
+1 (404) 214 5804
Info@mobilelabsinc.com
http://mobilelabsinc.com/
https://www.youtube.com/watch?v=EbHl7i75l5s

Security testing guidelines for mobile apps

Más contenido relacionado

Último

QUICCK 100% in Gauteng/Western Cape *[☎️+27737758557]]@ @# SOWETO@+27737758557 ABORTION PILLS FOR SALE IN STELLENBOSCH CLINIC/WESTERN CAPE cape … CAPE TOWN CLINIC/WESTERN CAPE BELLVILLE LANGA PAROW cape town bellville cape town bellville langa parow khayelitsha gugulethu elies river kraaifontein good wood capetown DR.SINDY +27737758557// abortion clinics// pills WOMEN ABORTION CLINICS PAINFREE,SAFE,QUICCK 100% in western cape +27737758557 Sindy @ABORTION PILLS FOR SALE IN STELLENBOSCH CLINIC/WESTERN CAPE cape … CAPE TOWN CLINIC/WESTERN CAPE BELLVILLE LANGA PAROW cape town bellville cape town bellville langa parow khayelitsha gugulethu elies river kraaifontein good wood capetown bellville.maitland.belhar. aarl, Wellington, Betty’s Bay, Atlantis, Blue Down, Brackenfell, Crossroads, Eerste Rivier, Elsie’s River, Fish Hoek, Goodwood, Gordon’s Bay, Gugulethu,DR EVE +27737758557 // abortion clinics// pills WOMEN ABORTION CLINICS PAINFREE,SAFE,QUICCK 100% in western cape +27737758557 JAULANI@ABORTION PILLS FOR SALE IN STELLENBOSCH CLINIC/WESTERN CAPE cape … CAPE TOWN CLINIC/WESTERN CAPE BELLVILLE LANGA PAROW cape town bellville cape town bellville langa parow khayelitsha gugulethu elies river kraaifontein good wood capetown bellville.maitland.belhar. aarl, Wellington, Betty’s Bay, Atlantis, Blue Down, Brackenfell, Crossroads, Eerste Rivier, Elsie’s River, Fish Hoek, Goodwood, Gordon’s Bay, Gugulethu, Hout Bay, Khayelitsha, Kraainfontein, Kuils River, Langa, Melkbosstrand, Mfuleni, Milnerton, Mitchell’s Plain, Noordhoek, Nyanga, Parow, Kleinmond, Simon’s town, Somerset west, stellenbosch, Ashton Bonnievale Ceres De Doorns Denneburg Franschhoek Gouda Kayamandi Klapmuts Kylemore Languedo cMcGregor Montagu Op-die-Berg Paarl Pniel Prince Alfred Hamlet Rawsonville Robertson Robertsvlei Rozendal Saron Stellenbosch Touws River Tulbagh Wellington Wemmershoek Wolseley Worcester langa parow khayelitsha gugulethu elies river kraaifontein good wood capetown bellville. Ashton Bonnievale Ceres De Doorns Denneburg Franschhoek Gouda Kayamandi Klapmuts Kylemore Languedoc McGregor Montagu Op-die-Berg Paarl Pniel Prince Alfred Hamlet Rawsonville Robertson Robertsvlei Rozendal Saron Stellenbosch Touws River Tulbagh Wellington Alexandra · Diepsloot · Ennerdale ; Alberton · Bedfordview · Benoni ; Atteridgeville · Bronberg · Mogapeng · Mogodumo · Mogwadi · Mohlake · Mohlarekoma · Mohlatsengwane · Mohlopi · Mohlopi · Mohlakeng · Mohwelere · Mokgoatsane · Mokopane. Makhado · Bela-Bela · Hoedspruit · Haenertsburg · Lephalale (Ellisras) · Phalaborwa · Polokwane (Pietersburg) · Tzaneen.Hoedspruit · Hoedspruit. #1 – Hoedspruit ; Haenertsburg · Haenertsburg. #2 – Haenertsburg ; Tzaneen · Tzaneen. Polokwane, Louis Trichardt, Mahwelereng, Giyani, Limpopo,

Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...

drm1699

Dr Jesús Barrasa, Head of Solutions Architecture for EMEA, Neo4j Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.

GraphSummit Milan & Stockholm - Neo4j: The Art of the Possible with Graph

Neo4j

Navigation in flutter – how to add stack, tab, and drawer navigators to your ...

Flutter Agency

Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024

SimonedeGijt

^Clinic ^%[+27788225528*Abortion Pills For Sale In witbank

kasambamuno

GraphSummit Milan - Visione e roadmap del prodotto Neo4j

Neo4j

Modern binary build systems - PyCon 2024

Henry Schreiner

If you weren't able to make it to Florida Dreamin' last Fall, then you are in luck. We are bringing you one of the most talked about sessions during the conference. You won't want to miss this insightful presentation from Cyndy Ferguson, Team Lead, Client Success Manager, Craftsman Technology Group titled: Why I hire and train Junior Admins, and why you should too! Presentation Description: You say you don't have time to hire, train and mentor Junior Admins? But you have time to interview 50 people, none of whom fit your current Salesforce Admin job description? Let me show you how to hire, train, and retain Freshies or Junior Admins, while saving time, money and your sanity. I have developed 30-day, 60-day, 90-day, and 180-day plans to skill up new Admins and make your life easier. Also, join us to get some key highlights for the Summer '24 Release that will impact and provide value to most Orgs. These updates will be available in your Sandbox and Production Orgs during the months of May and June presented by Marc Lester, Engagement Manager, Coastal. Did you know most new features are included with your initial purchase? Explore the latest innovations in the release to maximize your ROI from Salesforce. Some features in Summer ’24 will affect all users immediately after the release goes live, which are already available in your Sandbox and Production Orgs. If you haven't already done so, consider communicating these changes to your users so they understand the updates and know how to best take advantage of them. Other features require direct action by an administrator before users can benefit from the new functionality. Learn about some of each of these features and enhancements and which ones will benefit your organization the most.

Jax, FL Admin Community Group 05.14.2024 Combined Deck

Marc Lester

Abortion Pill Prices Jane Furse ](+27832195400*)[ 🏥 Women's Abortion Clinic i...

Abortion Clinic

Computation is increasingly constrained by power. With each advancement in the manufacturing process, a decreasing percentage of the CPU can operate at full capacity, leading to the emergence of the term 'dark silicon'. This trend necessitates techniques that utilize chip area to optimize power efficiency through specialized accelerators. The presentation will outline key concepts that led to the dark silicon such as Moore’s law and breakdown of Dennard scaling, followed by an overview of current and upcoming CPU accelerators. The focus will then shift to vector units and the specifics of vector programming. Attendees will be introduced to registers, a range of vector operations, and methods to develop branchless algorithms such as sorting networks. The session will conclude with an overview of the new Java Vector API and how it was already picked up by projects to do AI inference (Llama 2) and vector search (AstraDB and Cassandra).

[GeeCON2024] How I learned to stop worrying and love the dark silicon apocalypse

Tomasz Kowalczewski

Evolving Data Governance for the Real-time Streaming and AI Era

confluent

This session unveils the multifaceted horizontal scaling strategies that power Wix's robust infrastructure. From Kafka consumer scaling and dynamic traffic routing for site segments to DynamoDB sharding and MySQL clusters custom routing with ProxySQL, we dissect the mechanisms that ensure scalability and performance at Wix. Attendees will learn about the art of sharding and routing key selection across different systems, and how to apply these strategies to their own infrastructure. We'll share insights into choosing the right scaling strategy for various scenarios, balancing between managed services and custom solutions. Key Takeaways: - Grasp various sharding techniques and routing strategies used at Wix. - Understand key considerations for sharding key and routing rule selection. - Learn when and why to choose specific horizontal scaling strategies. - Gain practical knowledge for applying these strategies to achieve scalability and high availability. Join us to gain a blueprint for scaling your systems horizontally, drawing from Wix's proven practices.

Effective Strategies for Wix's Scaling challenges - GeeCon

Natan Silnitsky

Encryption Recap: A Refresher on Key Concepts

thomashtkim

Abortion Clinic In Johannesburg ](+27832195400*)[ 🏥 Safe Abortion Pills in Jo...

Medical / Health Care (+971588192166) Mifepristone and Misoprostol tablets 200mg

^Clinic ^%[+27788225528*Abortion Pills For Sale In harare

kasambamuno

^Clinic ^%[+27788225528*Abortion Pills For Sale In soweto

kasambamuno

Unlock the full potential of your software development lifecycle with SpiraPlan's powerful REST APIs. Led by experts from Inflectra and our partner, MVerve, this webinar offers a practical guide to leveraging the API's power for automation, integration, and data-driven insights. Whether you're an API expert or beginner, our recap blog is packed with valuable information to enhance your SpiraPlan experience. The webinar emphasized how SpiraPlan's REST API allows you to: • Automate Workflows: Streamline your processes by automating repetitive tasks. • Integrate with Existing Tools: Seamlessly connect SpiraPlan with your existing software ecosystem. • Build Custom Solutions: Tailor SpiraPlan to your unique needs by developing custom applications and integrations. • Gain Deeper Insights: Extract valuable data from SpiraPlan for advanced reporting and analysis.

From Theory to Practice: Utilizing SpiraPlan's REST API

Inflectra

Remaining informed about evolving trends is crucial for both businesses and developers in the dynamic field of web development. The year 2024 heralds groundbreaking advancements poised to revolutionize website construction and interaction. From progressive web apps and voice search optimization to prioritizing accessibility and cybersecurity, staying attuned to these trends is imperative. In this blog, we delve deeper into the pivotal trends shaping the future of web development in the upcoming year.

The Evolution of Web App Testing_ An Ultimate Guide to Future Trends.pdf

kalichargn70th171

A Deep Dive into Secure Product Development Frameworks.pdf

ICS

COMPUTER AND ITS COMPONENTS PPT.by naitik sharma Class 9th A mittal internati...

naitiksharma1124

Destacado

https://www.hubspot.com/state-of-marketing · Scaling relationships and proving ROI · Social media is the place for search, sales, and service · Authentic influencer partnerships fuel brand growth · The strongest connections happen via call, click, chat, and camera. · Time saved with AI leads to more creative work · Seeking: A single source of truth · TLDR; Get on social, try AI, and align your systems. · More human marketing, powered by robots

2024 State of Marketing Report – by Hubspot

Marius Sescu

ChatGPT is a revolutionary addition to the world since its introduction in 2022. A big shift in the sector of information gathering and processing happened because of this chatbot. What is the story of ChatGPT? How is the bot responding to prompts and generating contents? Swipe through these slides prepared by Expeed Software, a web development company regarding the development and technical intricacies of ChatGPT!

Everything You Need To Know About ChatGPT

Expeed Software

Product Design Trends in 2024 | Teenage Engineerings

Pixeldarts

Mental health has been in the news quite a bit lately. Dozens of U.S. states are currently suing Meta for contributing to the youth mental health crisis by inserting addictive features into their products, while the U.S. Surgeon General is touring the nation to bring awareness to the growing epidemic of loneliness and isolation. The country has endured periods of low national morale, such as in the 1970s when high inflation and the energy crisis worsened public sentiment following the Vietnam War. The current mood, however, feels different. Gallup recently reported that national mental health is at an all-time low, with few bright spots to lift spirits. To better understand how Americans are feeling and their attitudes towards mental health in general, ThinkNow conducted a nationally representative quantitative survey of 1,500 respondents and found some interesting differences among ethnic, age and gender groups. Technology For example, 52% agree that technology and social media have a negative impact on mental health, but when broken out by race, 61% of Whites felt technology had a negative effect, and only 48% of Hispanics thought it did. While technology has helped us keep in touch with friends and family in faraway places, it appears to have degraded our ability to connect in person. Staying connected online is a double-edged sword since the same news feed that brings us pictures of the grandkids and fluffy kittens also feeds us news about the wars in Israel and Ukraine, the dysfunction in Washington, the latest mass shooting and the climate crisis. Hispanics may have a built-in defense against the isolation technology breeds, owing to their large, multigenerational households, strong social support systems, and tendency to use social media to stay connected with relatives abroad. Age and Gender When asked how individuals rate their mental health, men rate it higher than women by 11 percentage points, and Baby Boomers rank it highest at 83%, saying it’s good or excellent vs. 57% of Gen Z saying the same. Gen Z spends the most amount of time on social media, so the notion that social media negatively affects mental health appears to be correlated. Unfortunately, Gen Z is also the generation that’s least comfortable discussing mental health concerns with healthcare professionals. Only 40% of them state they’re comfortable discussing their issues with a professional compared to 60% of Millennials and 65% of Boomers. Race Affects Attitudes As seen in previous research conducted by ThinkNow, Asian Americans lag other groups when it comes to awareness of mental health issues. Twenty-four percent of Asian Americans believe that having a mental health issue is a sign of weakness compared to the 16% average for all groups. Asians are also considerably less likely to be aware of mental health services in their communities (42% vs. 55%) and most likely to seek out information on social media (51% vs. 35%).

How Race, Age and Gender Shape Attitudes Towards Mental Health

ThinkNow

AI Trends in Creative Operations 2024 by Artwork Flow.pdf

marketingartwork

Skeleton Culture Code

Skeleton Technologies

PEPSICO Presentation to CAGNY Conference Feb 2024

Neil Kimberley

Content Methodology: A Best Practices Report (Webinar)

contently

How to Prepare For a Successful Job Search for 2024

Albert Qian

A report by thenetworkone and Kurio. The contributing experts and agencies are (in an alphabetical order): Sylwia Rytel, Social Media Supervisor, 180heartbeats + JUNG v MATT (PL), Sharlene Jenner, Vice President - Director of Engagement Strategy, Abelson Taylor (USA), Alex Casanovas, Digital Director, Atrevia (ES), Dora Beilin, Senior Social Strategist, Barrett Hoffher (USA), Min Seo, Campaign Director, Brand New Agency (KR), Deshé M. Gully, Associate Strategist, Day One Agency (USA), Francesca Trevisan, Strategist, Different (IT), Trevor Crossman, CX and Digital Transformation Director; Olivia Hussey, Strategic Planner; Simi Srinarula, Social Media Manager, The Hallway (AUS), James Hebbert, Managing Director, Hylink (CN / UK), Mundy Álvarez, Planning Director; Pedro Rojas, Social Media Manager; Pancho González, CCO, Inbrax (CH), Oana Oprea, Head of Digital Planning, Jam Session Agency (RO), Amy Bottrill, Social Account Director, Launch (UK), Gaby Arriaga, Founder, Leonardo1452 (MX), Shantesh S Row, Creative Director, Liwa (UAE), Rajesh Mehta, Chief Strategy Officer; Dhruv Gaur, Digital Planning Lead; Leonie Mergulhao, Account Supervisor - Social Media & PR, Medulla (IN), Aurelija Plioplytė, Head of Digital & Social, Not Perfect (LI), Daiana Khaidargaliyeva, Account Manager, Osaka Labs (UK / USA), Stefanie Söhnchen, Vice President Digital, PIABO Communications (DE), Elisabeth Winiartati, Managing Consultant, Head of Global Integrated Communications; Lydia Aprina, Account Manager, Integrated Marketing and Communications; Nita Prabowo, Account Manager, Integrated Marketing and Communications; Okhi, Web Developer, PNTR Group (ID), Kei Obusan, Insights Director; Daffi Ranandi, Insights Manager, Radarr (SG), Gautam Reghunath, Co-founder & CEO, Talented (IN), Donagh Humphreys, Head of Social and Digital Innovation, THINKHOUSE (IRE), Sarah Yim, Strategy Director, Zulu Alpha Kilo (CA).

Social Media Marketing Trends 2024 // The Global Indie Insights

Kurio // The Social Media Age(ncy)

The search marketing landscape is evolving rapidly with new technologies, and professionals, like you, rely on innovative paid search strategies to meet changing demands. It’s important that you’re ready to implement new strategies in 2024. Check this out and learn the top trends in paid search advertising that are expected to gain traction, so you can drive higher ROI more efficiently in 2024. You’ll learn: - The latest trends in AI and automation, and what this means for an evolving paid search ecosystem. - New developments in privacy and data regulation. - Emerging ad formats that are expected to make an impact next year. Watch Sreekant Lanka from iQuanti and Irina Klein from OneMain Financial as they dive into the future of paid search and explore the trends, strategies, and technologies that will shape the search marketing landscape. If you’re looking to assess your paid search strategy and design an industry-aligned plan for 2024, then this webinar is for you.

Trends In Paid Search: Navigating The Digital Landscape In 2024

Search Engine Journal

From their humble beginnings in 1984, TED has grown into the world’s most powerful amplifier for speakers and thought-leaders to share their ideas. They have over 2,400 filmed talks (not including the 30,000+ TEDx videos) freely available online, and have hosted over 17,500 events around the world. With over one billion views in a year, it’s no wonder that so many speakers are looking to TED for ideas on how to share their message more effectively. The article “5 Public-Speaking Tips TED Gives Its Speakers”, by Carmine Gallo for Forbes, gives speakers five practical ways to connect with their audience, and effectively share their ideas on stage. Whether you are gearing up to get on a TED stage yourself, or just want to master the skills that so many of their speakers possess, these tips and quotes from Chris Anderson, the TED Talks Curator, will encourage you to make the most impactful impression on your audience. See the full article and more summaries like this on SpeakerHub here: https://speakerhub.com/blog/5-presentation-tips-ted-gives-its-speakers See the original article on Forbes here: http://www.forbes.com/forbes/welcome/?toURL=http://www.forbes.com/sites/carminegallo/2016/05/06/5-public-speaking-tips-ted-gives-its-speakers/&refURL=&referrer=#5c07a8221d9b

5 Public speaking tips from TED - Visualized summary

SpeakerHub

Everyone is in agreement that ChatGPT (and other generative AI tools) will shape the future of work. Yet there is little consensus on exactly how, when, and to what extent this technology will change our world. Businesses that extract maximum value from ChatGPT will use it as a collaborative tool for everything from brainstorming to technical maintenance. For individuals, now is the time to pinpoint the skills the future professional will need to thrive in the AI age. Check out this presentation to understand what ChatGPT is, how it will shape the future of work, and how you can prepare to take advantage.

ChatGPT and the Future of Work - Clark Boyd

Clark Boyd

Getting into the tech field. what next

Tessa Mero

Google's Just Not That Into You: Understanding Core Updates & Search Intent

Lily Ray

How to have difficult conversations

Rajiv Jayarajah, MAppComm, ACC

Introduction to Data Science

Christy Abraham Joy

Time Management & Productivity - Best Practices

Vit Horky

The six step guide to practical project management If you think managing projects is too difficult, think again. We’ve stripped back project management processes to the basics – to make it quicker and easier, without sacrificing the vital ingredients for success. “If you’re looking for some real-world guidance, then The Six Step Guide to Practical Project Management will help.” Dr Andrew Makar, Tactical Project Management

The six step guide to practical project management

MindGenius

Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...

RachelPearson36

Destacado (20)

2024 State of Marketing Report – by Hubspot

Everything You Need To Know About ChatGPT

Product Design Trends in 2024 | Teenage Engineerings

How Race, Age and Gender Shape Attitudes Towards Mental Health

AI Trends in Creative Operations 2024 by Artwork Flow.pdf

Skeleton Culture Code

PEPSICO Presentation to CAGNY Conference Feb 2024

Content Methodology: A Best Practices Report (Webinar)

How to Prepare For a Successful Job Search for 2024

Social Media Marketing Trends 2024 // The Global Indie Insights

Trends In Paid Search: Navigating The Digital Landscape In 2024

5 Public speaking tips from TED - Visualized summary

ChatGPT and the Future of Work - Clark Boyd

Getting into the tech field. what next

Google's Just Not That Into You: Understanding Core Updates & Search Intent

How to have difficult conversations

Introduction to Data Science

Time Management & Productivity - Best Practices

The six step guide to practical project management

Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...

Security testing guidelines for mobile apps

1. Security Testing Guidelines for mobile Apps Welcome to Presentation http://mobilelabsinc.com/

2. Mobile App Threat Landscape Location-independent (mobile) • “Always online” and traceable •Consumerization – devices are built for personal use • Focus on functionality and design rather than security • Raise of sensitive use cases for mobile apps

3. Mobile app development companies are making things more easy by designing mobile apps that are user- friendly and secure.

4. Situation Mobile Security Testing Mobile apps have some specific characteristics regarding penetration testing Custom guidelines have not been available msg systems decided to develop guidelines (MSTG) with Munich University of Applied Sciences

5. Challenges Identify differences to common penetration tests Flexible Preconditions App Security also depends on device security (jailbreak, different platforms, versions, interfaces, MDM, etc. Different attackers (internal, external, network or device access, blackbox / whitebox, etc.

6. Mobile Security Testing Guide Overview

7. Intelligence Gathering Try to catch as much as possible information about the app • Consists of 2 analysis

8. Differences to conventional Process Focus mainly on the architectural/technical part Not considering mobile specific requirements

9. Intelligence Gathering Environmental Analysis Architectural Analysis Focus on the company behind the app and their business case and the relating stakeholders • Analyze internal processes and structures App (network interfaces, used data, communication with other resources, session management, jailbreak/rooting detection, …) • Runtime environment (MDM, jailbreak/rooting, os version) • Backend services (application server, databases, firewall, …)

10. Summary Mobile Security Testing Guide … considers mobile characteristics, but is independent from technologies • … helps to improve transparency and repeatability for mobile penetration testing • … is a holistic approach with sufficient flexibility • … and ultimately helps to improve mobile app security.

11. Contact information Headquarters 3423 Piedmont Road NE Suite 465 Atlanta, GA 30305 +1 (404) 214 5804 Info@mobilelabsinc.com http://mobilelabsinc.com/ https://www.youtube.com/watch?v=EbHl7i75l5s

Security testing guidelines for mobile apps

Recomendados

Recomendados

Más contenido relacionado

Último

Último (20)

Destacado

Destacado (20)

Security testing guidelines for mobile apps