Vetting Mobile Apps

Presenters: Amol Kokje, Steven Osburn, Sunit Verma, Tosha Shah, Kalp Parikh

Presentation transcript:

Need for Vetting
- Hardcoded passwords
- Web browser vulnerabilities
- Language used
- Use of third-party apps/libraries

Vetting Apps
- Security – CWE has a list of possible software weaknesses/errors.
- Analysis – Static (app source code), Dynamic (test data), Questionnaire (DHS Questionnaire)
- Analysis Tools
- App Submission and Reporting – Mechanisms, Infrastructure
- Human Analysis – e.g. vetting false positives
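As an added illustration (not part of the presentation), here is a small static-analysis pass for the hardcoded-password weakness listed above: it tags each hit with CWE-798 (Use of Hard-coded Credentials) and routes doubtful hits to human review instead of reporting them outright. The Java sample, the regex heuristics, the placeholder list and the status labels are all assumptions of this example.

```python
import re

# Constructed sample of Android-style Java source (not from the presentation).
SAMPLE_SOURCE = '''\
public class LoginHelper {
    private static final String DB_PASSWORD = "s3cr3t-Pa55";
    private String password = "";
    String apiSecret = "CHANGE_ME";
    String passwordHint = getString(R.string.password_hint);
    String userPwd = "hunter2!";
    // String password = "old-value";
}
'''

# A credential-like identifier that is assigned a string literal.
ASSIGNMENT = re.compile(
    r'\b(?P<name>\w*(?:passw(?:or)?d|pwd|secret)\w*)\s*=\s*"(?P<value>[^"]*)"',
    re.IGNORECASE,
)
# Literal values that are usually defaults, not real secrets (assumed list).
PLACEHOLDERS = {"", "changeme", "change_me", "password", "todo", "xxx"}


def scan(source):
    """Return one finding per suspicious assignment, with a triage status."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        match = ASSIGNMENT.search(line)
        if not match:
            continue  # e.g. values loaded from resources are not literals
        commented = line.lstrip().startswith(("//", "*", "/*"))
        placeholder = match.group("value").lower() in PLACEHOLDERS
        # Possible false positives go to a human analyst, not the report.
        status = "needs_human_review" if commented or placeholder else "likely"
        findings.append({
            "line": lineno,
            "name": match.group("name"),
            "cwe": "CWE-798",
            "status": status,
        })
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_SOURCE):
        print(finding)
```
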

Important Conclusions
Testing cannot be restricted to only one kind of tool or method. For example, when a mobile app uses the OpenCV libraries, which are third-party code, those libraries need black-box testing, while the functionality of the app's own source code needs white-box testing.

Questions from Audience
Burden of security on the user. For most apps, for example Remote Desktop by Google Chrome, it depends solely on the user to allow personal data to be treated as public data in order to use the app. Security is therefore a shared concern between the company publishing the app and the user, who decides what data to make public in order to use specific services.