Mobile App Security Predictions 2019

•

1 like•826 views

Originally presented January 23, 2019 -https://www.brighttalk.com/webcast/15139/344870?utm_source=Slideshare&utm_medium=referral&utm_campaign=344870 2019 is already shaping up to be a standout year for mobile appsec and secure DevOps. If we can say anything with certainty, it’s that cybersecurity is unpredictable and the wave of DevSecOps is unstoppable. But we foresee intensifying concerns about digital privacy amidst high-profile breaches. This deck lists our predictions about what’s in store for our customers and the community in the year ahead. Our veteran industry leaders will prognosticate about developments in these areas: + Mobile ecosystem: OSes, devices, apps and app stores + Evolving mobile security threats + The rise of DevSecOps and the automation of everything + The disruptive economics of automating manual pen testing

Mobile

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.
MOBILE APP SECURITY
PREDICTIONS 2019

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.
AGENDA
INTRODUCTIONS
10 LEADING QUESTIONS
MANY PREDICTIONS
OPEN Q&A
SPEAKERS
3
ALAN SNYDER
CEO
BRIAN REED
CMO
DAVID WEINSTEIN
CTO

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.
WHAT IS THE INTERPLAY OF
DIGITAL TRANSFORMATION &
MOBILE APPS?
4

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.5
MCDONALDS SPENDING $6BN ON TRANSFORMATION

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.
WHERE WILL THE BIG MOBILE
BREACHES HAPPEN?
6

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.7
MOBILE APPS DOMINATE USAGE, BRINGS THE ATTACKERS

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.8
KEY SEGMENTS ARE NOW MOBILE APP DOMINANT

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.
WHAT ABOUT THE STATE OF
MOBILE SECURITY IN 2019?
9

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.10
GROWING REALIZATION CURRENT TESTING FAILS
85 Third-party app store apps violate
OWASP MOBILE TOP 10
%
35 Have un-encrypted
data transmission
%50 Android apps dynamically load
code missed by static analysis
%
3X More likely to leak
account credentials
Biz Apps
Source: NowSecure Software and Research Data 2017-2018
SAST? DAST? PEN TESTING?

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.11
MOBILE APP BENCHMARKS 0 59 60-69 70-79 80-89 90-100
Low RiskHgh Risk Caution

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.
WHAT ABOUT MOBILE RISK
VECTORS IN 2019 & BEYOND?
12

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.13
OSS & 3RD-PARTY RISKS CONTINUE TO GROW

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.14
RICH COMMUNICATIONS SERVICES PRESENT NEW RISKS
FRESH CODE!
FRESH VULNS!

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.15
PHONE NUMBER FOR AUTH INCREASINGLY RISKY

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.
WHAT ABOUT THE TRENDS IN
MOBILE APPSEC TESTING IN 2019?
16

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.17
FRUSTRATIONS WITH MOBILE PEN TESTING WILL GROW

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.18
APPSEC TESTING COST & RISK CATCH 22
FREQUENCY OF RELEASE
FREQUENCY OF TESTING
COST
FREQUENCY OF RELEASE
FREQUENCY OF TESTING
RISK
GOAL

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.
MOBILE IS THE LEAD DOG ON DEVOPS & SHIFT LEFT
Build
Binary
Code
Commit
Test
Binary
</>
Dev
Cycle
Stage Deploy
SECURITY & TESTING TOOLS
SAST Scan
Pre-build
DAST Scan
Post-build
Pre-release
Manual Test
Outsourced
PEN Testing
Vulnerability
Management
Management
Reporting
Compliance
Reporting
App Store
Monitoring
IDEs &
Languages
Build Tools & CI/CD
Platforms
Ticket
Systems
App
Management
Release
Management
Management
Dashboards
Compliance
Management
App Stores
(in/external)
DEV & CI/CD TOOLS
19

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.
WHAT ABOUT SECURITY
STAFFING IN 2019?
20

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.21
SHORTAGES IN SECURITY EXPERTS WILL GROW

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.22
STAFFING SHORTAGES WILL DRIVE AUTOMATION

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.
WHAT ABOUT FUNDAMENTALS OF
MOBILE OS 2019 & BEYOND?
23

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.24
THE FREQUENCY OF JAILBREAKS DECLINES

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.25
GOOGLE EXPLORING NEW FRONTIERS
New Mobile LanguageNew Mobile OS New Mobile SDKs

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.
WHAT ABOUT MOBILE PRIVACY &
LEGISLATION IN 2019?
26

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.27
FURTHER PRIVACY LEGISLATION WILL TAKE HOLD

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.
AND ONE MORE THING….
28

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.29
AND MAYBE SOMEONE WILL HACK A TESLA

© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.30
OPEN Q&A
Use the “Ask a Question” tab below the slides
DAVID WEINSTEIN
CTO
BRIAN REED
CMO
ALAN SNYDER
CEO

What's hot

Top OSS for Mobile AppSec Testing: The Latest on R2 and FRIDA

NowSecure

Hear Radare creator Sergi (Pancake) Alvarez conduct a deep dive of r2frida, a framework that combines the best of Frida and Radare. Frida and Radare are leading open-source reverse engineering tools sponsored by NowSecure. Targeting intermediate to advanced users and security analysts, this overview will highlight the r2frida plug-in architecture. Watch the webinar: http://bit.ly/2DBHt7M Watch this webinar to learn: + What dynamic and static techniques the individual tools provide to assist security analysts with reverse engineering; + Why r2frida’s plugin architecture eases the task of performing reverse engineering workflows; + How to create your own new plug-in.

OSS Tools: Creating a Reverse Engineering Plug-in for r2frida

NowSecure

Originally presented on January 23, 2018 A comprehensive analysis of iOS and Android apps found that a staggering 85% of those apps fail one or more of the OWASP Mobile Top 10 criteria. Given that the average mobile device has over 89 mobile apps on it, what are the odds your employees have one or more of the apps and what’s the real risk to your business? Mobile apps power productivity in the modern business; don’t let a few bad apps bring it down.

85% of App Store Apps Fail OWASP Mobile Top 10: Are you exposed?

NowSecure

Originally Presented March 21, 2018 Most mobile app penetration tests or vulnerability assessments take anywhere from a couple of days to two weeks to deliver because of the manual approaches, brittle open source stacks in homegrown testing rigs and legacy application security testing (AST) tools. The shift to agile development common in mobile app development teams has left appsec testing behind. New mobile app builds are pushed daily, weekly or monthly, and appsec testing teams struggle to keep up. Each new build brings new code, including 3rd-party libraries, and with that code comes new potential vulnerabilities. Application security & testing teams - this one’s for you. If you’re looking for ways to join the agile approach and keep pace with the speed of your development team’s CI/CD pipeline, take stock of these 5 tips for mobile appsec testing and integrate them into your company’s workflow.

5 Tips for Agile Mobile App Security Testing

NowSecure

Mobile Penetration Testing: Episode III - Attack of the Code

NowSecure

This is an encore presentation of NowSecure CEO Andrew Hoog’s talk “How Android and iOS Security Enhancements Complicate Threat Detection” from RSA Conference 2017. You'll learn about: + Five security enhancements in the Android and iOS platforms that present obstacles to defenders and incident responders + Tips on overcoming those challenges + The open-source Mobile Triage toolset that facilitates the collection of mobile threat and vulnerability data

How Android and iOS Security Enhancements Complicate Threat Detection

NowSecure

Mobile Penetration Testing: Episode 1 - The Forensic Menace

NowSecure

Five mobile security challenges facing the enterprise

NowSecure

Identity Relationship Management - The Right Approach for a Complex Digital W...

ForgeRock

This session covers the challenges that online retailer “Band Materials” now face as the business grows and the external customer base increases to internet scale. What steps can the management take to transform their customer identity landscape? This backstage tour will cover the live deployment and configuration of components within the ForgeRock Identity Platform. The session includes interactive discussion and feature: - Single View of the Customer - Social media registration - Multi-Factor Single Sign On - Consent driven sharing - IoT integration You will leave the tour with a good understanding of how to deploy large scale digital identity projects and where you should start.

Backstage Tour of Identity - London Identity Summit

ForgeRock

Clear and Present Danger

Ping Identity

iOS recon with Radare2

NowSecure

Katie Stzempka, VP of Customer Success & Services, shares some helpful guidance on how to launch and improve an internal mobile app security program. You'll learn: -- How to unite a disarray of tasks into a mobile app security testing process -- How to choose the right mobile app security testing tools for your maturity -- How to establish buy-in and collaborate with developers and your DevOps team

Next-level mobile app security: A programmatic approach

NowSecure

Mobile App Hacking In A Nutshell

Prathan Phongthiproek

OWASP Mobile Top 10

NowSecure

Due to the fast-growing on mobile application trends along with business competition, the lack of security concern on mobile development become critical issues which may lead to reputation damage, financial loss and non-compliance (e.g. Privacy and Cybersecurity laws). It's time to focus on Mobile Defense-in-Dev(Depth) !! The talk will provide the real-world case-studies on mobile application threats in conjunction with the cybersecurity risk mitigation using Secure development standard and guideline which should be integrated into the development process.

Mobile Defense-in-Dev (Depth)

Prathan Phongthiproek

I mas appsecusa-nov13-v2

drewz lin

OWASP Mobile Top 10 Deep-Dive

Prathan Phongthiproek

Jump-Start The MASVS

Prathan Phongthiproek

Using Deception to Detect and Profile Hidden Threats

Satnam Singh

What's hot (20)

Top OSS for Mobile AppSec Testing: The Latest on R2 and FRIDA

OSS Tools: Creating a Reverse Engineering Plug-in for r2frida

85% of App Store Apps Fail OWASP Mobile Top 10: Are you exposed?

5 Tips for Agile Mobile App Security Testing

Mobile Penetration Testing: Episode III - Attack of the Code

How Android and iOS Security Enhancements Complicate Threat Detection

Mobile Penetration Testing: Episode 1 - The Forensic Menace

Five mobile security challenges facing the enterprise

Identity Relationship Management - The Right Approach for a Complex Digital W...

Backstage Tour of Identity - London Identity Summit

Clear and Present Danger

iOS recon with Radare2

Next-level mobile app security: A programmatic approach

Mobile App Hacking In A Nutshell

OWASP Mobile Top 10

Mobile Defense-in-Dev (Depth)

I mas appsecusa-nov13-v2

OWASP Mobile Top 10 Deep-Dive

Jump-Start The MASVS

Using Deception to Detect and Profile Hidden Threats

Similar to Mobile App Security Predictions 2019

The stunning rise of cloud, mobile, social, and the Internet of Things (IoT) has created the new Open Enterprise and is the driving force behind the application economy, which is real and here now. The application economy has transformed the way we do business, and our security practices also need to evolve in order to adapt to this new reality. As 2015 starts out, it’s time to review which important trends have emerged or shifted in the last year, and predict what we expect will happen in the world of identity , access, and API management in the coming year. Our predictions are based on gathering thoughts and ideas from many practitioners and industry experts, and synthesizing them down to a key set of insights that provide a clear understanding of where the world of identity and security is going. To learn more about CA Security solutions, please visit: http://bit.ly/10WHYDm

CA Technologies Predictions for Identity Management in 2015 – The Application...

CA Technologies

La Seguridad en la Economía de las Aplicaciones

Asociación de Marketing Bancario Argentino

Towards the Next Generation Financial Crimes Platform - How Data, Analytics, ...

Molly Alexander

The Silicon Review “5 Best Digital Marketing Companies to Watch, and 5 Best Security Companies to Watch 2019”. These companies are not only the lead players in the market, but are helping other companies to engage their customers. The companies that are enlisted are armed with right marketing tools, know the art of executing an idea, known for their simplest yet reliable cybersecurity solutions and pro-active ability, customer centric approach and strategies to overcome market uncertainties.

The Silicon Review's 5 Best Security & Digital Marketing Companies

Pavan Kumar

PCM Vision 2019 Keynote: Gary Miglicco

PCM

2018 trends to watch out for in mobile app development

Ray Business Technologies

The Top 5 Fintech Trends Everyone Should Be Watching In 2020

Bernard Marr

Trend Micro Solutions Overview

John D. Haden

The State of Mobile Ad Fraud 2018 - Mama Sao Paulo 2018

AppsFlyer

The 7 Biggest Technology Trends To Disrupt Banking & Financial Services In 2020

Bernard Marr

Digital growth demands identity management. Digital identities allow companies to identify and engage with their customers across devices, from laptops to mobiles, tablets, connected cars, healthcare wearables, and connected home devices. Companies cannot take advantage of mobile, cloud, or Internet of Things (IoT) innovations without a scalable, replicable identity strategy. This session is designed to help you understand the essentials of customer-focused identity and how it helps you engage with your customers.

ForgeRock Gartner 2016 Security & Risk Management Summit

ForgeRock

Accounting for Cyber Risks - How much does Cyber actually cost the Industry?

Jef Lacson

Global Cloud Services Market

nishashaha

At&t cybersecurity introduction with alien vault

Mohamed Abdelhakim

Mobile workforces and apps have revolutionized a number of highly regulated industries. State and federal regulations, such as the Health Information Portability and Accountability Act (HIPAA) and Sarbanes-Oxley (SOX), and industry standards, such as the PCI Data Security Standard (PCI DSS) and OWASP Top 10, have evolved as a result. So how do you achieve compliance outcomes for mobile apps? *These slides accompany the webinar: https://youtu.be/mqIU5dDyHwM

Compliance in the mobile enterprise: 5 tips to prepare for your next audit

NowSecure

Law enforcement agencies have to do more with less, yet the challenges of public safety are becoming more complex. Despite funding hurdles, several agencies are finding success tapping into technologies like predictive policing and data analytics to do their jobs. Tune in to Market Intelligence SLED consultant, Rachel Eckert, as she explores how law enforcement is using technology to stretch finite resources and offers insight into how companies should target law enforcement, what programs agencies are undertaking and what solutions are in demand.

Law Enforcement Needs a Boost--Here's How Technology Can Help

immixGroup

AI and its impact on app competitiveness

GAVS Technologies

TipoTapp For The Customer

Paul Armstrong

25 Big Tech predictions in 2016 by Business Insider Intelligence Research team. Bản báo cáo mới được công bố của Bộ phận nghiên cứu phát triển thuộc tạp chí uy tín Business Insider (Business Insider Intelligence Research team) có chứa tất cả các từ khóa đang “hot” nhất của giới công nghệ hiện nay: từ the Internet of Things (IoT) đến sự bùng nổ của Indonesia như một thị trường Smart phone lớn thứ 2 thế giới sau Ấn Độ hay các xu hướng chính yếu của Digital Media và E-commerce.

25 xu hướng công nghệ hàng đầu năm 2016

Phuong Bi

25 Big Tech Predictions for 2016 - Report

MYO AUNG Myanmar

Similar to Mobile App Security Predictions 2019 (20)

CA Technologies Predictions for Identity Management in 2015 – The Application...

La Seguridad en la Economía de las Aplicaciones

Towards the Next Generation Financial Crimes Platform - How Data, Analytics, ...

The Silicon Review's 5 Best Security & Digital Marketing Companies

PCM Vision 2019 Keynote: Gary Miglicco

2018 trends to watch out for in mobile app development

The Top 5 Fintech Trends Everyone Should Be Watching In 2020

Trend Micro Solutions Overview

The State of Mobile Ad Fraud 2018 - Mama Sao Paulo 2018

The 7 Biggest Technology Trends To Disrupt Banking & Financial Services In 2020

ForgeRock Gartner 2016 Security & Risk Management Summit

Accounting for Cyber Risks - How much does Cyber actually cost the Industry?

Global Cloud Services Market

At&t cybersecurity introduction with alien vault

Compliance in the mobile enterprise: 5 tips to prepare for your next audit

Law Enforcement Needs a Boost--Here's How Technology Can Help

AI and its impact on app competitiveness

TipoTapp For The Customer

25 xu hướng công nghệ hàng đầu năm 2016

25 Big Tech Predictions for 2016 - Report

More from NowSecure

Originally Presented December 6, 2018 As DevOps teams seek to accelerate the mobile app dev pipeline, they rely on tools and best practices to gain speed. Because our engineering leader Jeff Fairman previously ran software development for a top online brokerage, he understands the challenges of scaling security testing to meet current demands. After discovering the NowSecure automated testing platform, Jeff Fairman was so impressed with the tech that he joined the company to help DevOps and security teams build and release safe mobile apps. Listen this webinar to learn: + Why you need dynamic application security (DAST) testing to flag vulnerabilities in the post-build phase + The unique requirements, toolchain options and best practices for secure mobile DevOps + How to combine continuous daily testing with outsourced pen testing.

Jeff's Journey: Best Practices for Securing Mobile App DevOps

NowSecure

Originally presented on June 12, 2018 Much of the improvements for iOS 12 focused on privacy and reliability. What prompted these changes and how will it affect the path forward? In this discussion, Tony Ramirez, Mobile Security Analyst, shares about the following: + Learnings & remediations from iOS 11 + Predictions coming out of WWDC + How we see the newest software update, iOS 12, affecting mobile app security testing

iOS 12 Preview - What You Need To Know

NowSecure

Mobile Apps & Connected Healthcare: Managing 3rd-Party Mobile App Risk

NowSecure

Our threat research team spends every waking moment reverse-engineering and cracking mobile apps and devices to help organizations reduce mobile risk. Originally presented on October 24, 2017, mobile security expert and NowSecure founder Andrew Hoog explains the attacker’s point-of-view, what attackers are looking for in mobile banking or financial services apps, and what makes your mobile app an appetizing target. He then provides tips for deploying a mobile app security testing program to ensure you proactively plug security holes, squash privacy leaks, and fill compliance gaps in your mobile apps.

What attackers know about your mobile apps that you don’t: Banking & FinTech

NowSecure

Mobile apps fall in scope for a number of regulatory requirements that govern the banking and financial services industries, such as: guidelines from the Federal Financial Institutions Examination Council (FFIEC), the Gramm–Leach–Bliley Act (GLBA), New York State cybersecurity requirements for financial services companies, the Payment Card Industry Data Security Standard (PCI DSS), the Sarbanes-Oxley Act, and more. Luckily, a repeatable mobile app security assessment program and standardized reporting go a long way in both achieving compliance objectives and securing mobile apps and data. Originally presented on August 22, 2017, NowSecure Security Solutions Engineer Brian Lawrence explains: -- How and where exactly mobile apps fall in scope for various compliance regimes -- Mobile app security issues financial institutions must identify and fix for compliance purposes -- How assessment reports can be used to demonstrate due diligence

Solving for Compliance: Mobile app security for banking and financial services

NowSecure

The amount of data collected by mobile devices and apps is shocking, and vulnerable mobile apps expose that data to compromise. In our static and dynamic analysis of hundreds-of-thousands of mobile apps, we found that 25 percent of them harbor at least one high-risk vulnerability such as collecting/transmitting location data, credentials, and more in cleartext. Mobile data may only be as secure as the weakest app on someone’s device. Mobile app developers need to protect the users of their apps by building high quality, secure apps. This presentation covers the most common mobile app vulnerabilities (including a real-world demonstration), how to identify those vulnerabilities, and what to do to remediate them. Slides from NowSecure Senior Solutions Engineer Jon Porter's talk at the OWASP Denver Chapter's July 2017 meeting.

Leaky Mobile Apps: What You Need to Know

NowSecure

Vetting Mobile Apps for Corporate Use: Security Essentials

NowSecure

A mobile app that’s vulnerable to man-in-the-middle (MITM) attacks can allow an attacker to capture, view, and modify sensitive traffic sent and received between the app and backend servers. At NowSecure, Michael Krueger and Tony Ramirez spend their days performing penetration tests on Android and iOS apps, which include exploiting MITM vulnerabilities and helping developers fix them. These slides are from a 30-minute webinar with Michael & Tony about MITM attacks on mobile apps and how to prevent them that will cover: -- Identifying man-in-the-middle vulnerabilities in mobile apps -- How to execute a mobile man-in-the-middle attack -- Right and wrong ways to implement certificate validation and certificate pinning

Cutting out the middleman: Man-in-the-middle attacks and prevention for mobil...

NowSecure

Delivering secure mobile financial services (MFS) - "Frictionless" vs diligence

NowSecure

Mobile App Crashworthiness - Securing Vehicle-to-Device (V2D) Interfaces and ...

NowSecure

Cybersecurity Fundamentals for Bar Associations

NowSecure

In this, the second, episode of our mobile penetration testing trilogy, NowSecure Solutions Engineer Michael Krueger takes you beyond the device. Michael will explain how to perform network and web services/API testing to capture data exposed in transit between apps and backend services -- some of the highest risk security flaws around. This high intensity 30-minute crash course covers: + Man-in-the-middle (MITM) attacks + Taking advantage of improper certificate validation + Demonstration of a privilege escalation exploit of a web back-end vulnerability Watch it here: https://youtu.be/bT1-7ZkSdNY

Mobile Penetration Testing: Episode II - Attack of the Code

NowSecure

More from NowSecure (12)

Jeff's Journey: Best Practices for Securing Mobile App DevOps

iOS 12 Preview - What You Need To Know

Mobile Apps & Connected Healthcare: Managing 3rd-Party Mobile App Risk

What attackers know about your mobile apps that you don’t: Banking & FinTech

Solving for Compliance: Mobile app security for banking and financial services

Leaky Mobile Apps: What You Need to Know

Vetting Mobile Apps for Corporate Use: Security Essentials

Cutting out the middleman: Man-in-the-middle attacks and prevention for mobil...

Delivering secure mobile financial services (MFS) - "Frictionless" vs diligence

Mobile App Crashworthiness - Securing Vehicle-to-Device (V2D) Interfaces and ...

Cybersecurity Fundamentals for Bar Associations

Mobile Penetration Testing: Episode II - Attack of the Code

Recently uploaded

99992-vip-66834 📞 Noida Sector 52 Low price 100% genuine sexy VIP call girls are provided safe and secure service .call 📞,,24 hours 🕰️-- ✅100% gesnuine young RIYA SERVICE COMPANY ✔✔✔ ★ A-Level (5 star ) ★ Strip-tease ★ BBBJ (Bareback Blowjob) Receive advanced sexual techniques in different mode make their life more pleasurable. ★ Spending time in hotel rooms ★ BJ (Blowjob Without a Condom) ★ Completion (Oral to completion) ★ Covered (Covered blowjob Without a Condom) ★ DATING (Dinner At Night) ★ DSL (Dick Sucking Lips) ★ DT (Dining at the Toes English Spanking) ★ Doggie (Sex style from behind) ★ Duo (shot with two escorts; Threesome with the client) ★ S-GFE (Special Girl Friend Experience) ★ HJ (Hand Job) ★ Special Massage ★ O-Level (Oral sex) ★ Tour (International) ★ 69 (69 sex) ★ BJ (Blowjob With Condom) ★ GFE (Girl Friend Experience) ★ CBJ (Covered Blow Job; Oral sex with a condom _ LOW PRICE V I P MODEL FULL SAFE AND SECURE CALL MExxxs CALL ME

9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service

nishacall1

Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)

Cara Menggugurkan Kandungan 087776558899

Powerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost Lover

PsychicRuben LoveSpells

99992-vip-18229 📞Mahipalpur (Delhi) Low price 100% genuine sexy VIP call girls are provided safe and secure service .call 📞,,24 hours 🕰️-- ✅100% gesnuine young RIYA SERVICE COMPANY ✔✔✔ ★ A-Level (5 star ) ★ Strip-tease ★ BBBJ (Bareback Blowjob) Receive advanced sexual techniques in different mode make their life more pleasurable. ★ Spending time in hotel rooms ★ BJ (Blowjob Without a Condom) ★ Completion (Oral to completion) ★ Covered (Covered blowjob Without a Condom) ★ DATING (Dinner At Night) ★ DSL (Dick Sucking Lips) ★ DT (Dining at the Toes English Spanking) ★ Doggie (Sex style from behind) ★ Duo (shot with two escorts; Threesome with the client) ★ S-GFE (Special Girl Friend Experience) ★ HJ (Hand Job) ★ Special Massage ★ O-Level (Oral sex) ★ Tour (International) ★ 69 (69 sex) ★ BJ (Blowjob With Condom) ★ GFE (Girl Friend Experience) ★ CBJ (Covered Blow Job; Oral sex with a condom _ LOW PRICE V I P MODEL FULL SAFE AND SECURE CALL MExxxs CALL ME

FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR

nishacall1

Leading Mobile App Development Companies in India (2).pdf

CWS Technology

(Vivek)Call Us, 8448380779,Call girls in Delhi NCr – We Offer best in class call girls. escort Service At Affordable Price At low Rate with Space Night 8000 We Are One Of The Oldest Escort and Call girls Agencies in Delhi. You Will Find That Our Female Escorts Are Full Of Fun, Sexy And They Would Love Enjoy Your Company. We Have A Fantastic Selection Of Escort Ladies Available For In-Calls As Well As Out-Calls. Our Escorts Are Not Only Beautiful But All Have Great Personalities Making Them The Perfect Companion For Any Occasion. In-Call:- You Can Come At Our Place in Delhi Our place Which Is Very Clean Hygienic 100% safe Accommodation. Out-Call:- You have To Come Pick The Girl From My Place We Are Also Provide Door Step Services (Delhi Ncr, Noida, Gurgaon, Faridabad, Ghaziabad Note:- Pic Collectors Time Passers Bargainers Stay Away As We Respect The Value For Your Money Time And Expect The Same From You Hygienic:- Full Ac room And Clean Rooms Available In Hotel 24 * 7 Hourly In Delhi NCR More Details, With WhatsApp Number, +91-8448380779

BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service

Delhi Call girls

Recently uploaded (6)

9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service

Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)

Powerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost Lover

FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR

Leading Mobile App Development Companies in India (2).pdf

BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service

Mobile App Security Predictions 2019

1. © Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.© Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute. MOBILE APP SECURITY PREDICTIONS 2019

3. © Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute. AGENDA INTRODUCTIONS 10 LEADING QUESTIONS MANY PREDICTIONS OPEN Q&A SPEAKERS 3 ALAN SNYDER CEO BRIAN REED CMO DAVID WEINSTEIN CTO

10. © Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.10 GROWING REALIZATION CURRENT TESTING FAILS 85 Third-party app store apps violate OWASP MOBILE TOP 10 % 35 Have un-encrypted data transmission %50 Android apps dynamically load code missed by static analysis % 3X More likely to leak account credentials Biz Apps Source: NowSecure Software and Research Data 2017-2018 SAST? DAST? PEN TESTING?

18. © Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.18 APPSEC TESTING COST & RISK CATCH 22 FREQUENCY OF RELEASE FREQUENCY OF TESTING COST FREQUENCY OF RELEASE FREQUENCY OF TESTING RISK GOAL

19. © Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute. MOBILE IS THE LEAD DOG ON DEVOPS & SHIFT LEFT Build Binary Code Commit Test Binary </> Dev Cycle Stage Deploy SECURITY & TESTING TOOLS SAST Scan Pre-build DAST Scan Post-build Pre-release Manual Test Outsourced PEN Testing Vulnerability Management Management Reporting Compliance Reporting App Store Monitoring IDEs & Languages Build Tools & CI/CD Platforms Ticket Systems App Management Release Management Management Dashboards Compliance Management App Stores (in/external) DEV & CI/CD TOOLS 19

30. © Copyright 2018 NowSecure, Inc. All Rights Reserved. Proprietary information. Do not distribute.30 OPEN Q&A Use the “Ask a Question” tab below the slides DAVID WEINSTEIN CTO BRIAN REED CMO ALAN SNYDER CEO

Mobile App Security Predictions 2019

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Mobile App Security Predictions 2019

Similar to Mobile App Security Predictions 2019 (20)

More from NowSecure

More from NowSecure (12)

Recently uploaded

Recently uploaded (6)

Mobile App Security Predictions 2019