Presentation is loading. Please wait.

Presentation is loading. Please wait.

PRESENTERS: AMOL KOKJE, STEVEN OSBURN, SUNIT VERMA, TOSHA SHAH, KALP PARIKH Vetting Mobile Apps.

Published byEdgar Wheeler Modified over 9 years ago

Similar presentations

Presentation on theme: "PRESENTERS: AMOL KOKJE, STEVEN OSBURN, SUNIT VERMA, TOSHA SHAH, KALP PARIKH Vetting Mobile Apps."— Presentation transcript:

1 PRESENTERS: AMOL KOKJE, STEVEN OSBURN, SUNIT VERMA, TOSHA SHAH, KALP PARIKH Vetting Mobile Apps

2 Need for Vetting Hardcoded passwords Web browser vulnerabilities Language used Use of third party apps/libraries

3 Vetting Apps Security – CWE has a list of possible Software weaknesses/errors. Analysis – Static (App source code), Dynamic (test data), Questionnaire (DHS Questionnaire) Analysis Tools App Submission and Reporting – Mechanisms, Infrastructure Human Analysis – e.g. vetting false positives

4 Important Conclusions Well the testing can not be restricted to only one kind of tool/method. For example of a mobile app using open CV libraries as we all know its third party apps you need to test black box testing and for the functionality of source code we need to have white box testing.

5 Questions from Audience Burden of Security on user. For most of apps from example Remote Desktop by Google Chrome it solely depends on user to allow personal data as public data in order to use the app. So the security is a shared concern between company publishing app and user what all data they need to make public in order to use specific services.

Download ppt "PRESENTERS: AMOL KOKJE, STEVEN OSBURN, SUNIT VERMA, TOSHA SHAH, KALP PARIKH Vetting Mobile Apps."

Similar presentations

Ethical Hacking Introduction.  What is Ethical Hacking?  Types of Ethical Hacking  Responsibilities of a ethical hacker  Customer Expectations  Skills.

Ethical Hacking Introduction.  What is Ethical Hacking?  Types of Ethical Hacking  Responsibilities of a ethical hacker  Customer Expectations  Skills.
A Large-Scale Study of Mobile Web App Security Patrick Mutchler, Adam Doupe, John Mitchell, Chris Kruegel, Giovanni Vigna.

A Large-Scale Study of Mobile Web App Security Patrick Mutchler, Adam Doupe, John Mitchell, Chris Kruegel, Giovanni Vigna.
PASSWORD MANAGER Why you need one 1. WHAT IS A PASSWORD MANAGER? A modern Password Manager is a browser extension (Chrome, Internet Explorer, Firefox,

PASSWORD MANAGER Why you need one 1. WHAT IS A PASSWORD MANAGER? A modern Password Manager is a browser extension (Chrome, Internet Explorer, Firefox,
Cloud Computing ity-notre-dame-logo.jpg Matthew Cunningham Selina Sambar Maria Skorcz.

Cloud Computing ity-notre-dame-logo.jpg Matthew Cunningham Selina Sambar Maria Skorcz.
Plan Introduction What is Cloud Computing?

Plan Introduction What is Cloud Computing?
Reverse Benchmarking -- Tom Stracener, Sr. Security Analyst, Cenzic Inc. Toorcon 9.

Reverse Benchmarking -- Tom Stracener, Sr. Security Analyst, Cenzic Inc. Toorcon 9.
Celoxis Intro Celoxis is a web-based project management software company based in India. The Celoxis application integrates management of projects, resources,

Celoxis Intro Celoxis is a web-based project management software company based in India. The Celoxis application integrates management of projects, resources,
By Mihir Joshi Nikhil Dixit Limaye Pallavi Bhide Payal Godse.

By Mihir Joshi Nikhil Dixit Limaye Pallavi Bhide Payal Godse.
“Good Enough” Metrics Jeremy Epstein Senior Director, Product Security webMethods, Inc.

“Good Enough” Metrics Jeremy Epstein Senior Director, Product Security webMethods, Inc.
WHATAREWIKIS? A wiki is a page or collection of web pages designed to enable anyone who accesses it to contribute or modify content, using a simplified.

WHATAREWIKIS? A wiki is a page or collection of web pages designed to enable anyone who accesses it to contribute or modify content, using a simplified.
Cloud Computing. What is Cloud Computing? Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable.

Cloud Computing. What is Cloud Computing? Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable.
Open Web App. Purpose To explain Open Web Apps To explain Open Web Apps To demonstrate some opportunities for a small business with this technology To.

Open Web App. Purpose To explain Open Web Apps To explain Open Web Apps To demonstrate some opportunities for a small business with this technology To.
Cloud computing.

Cloud computing.
Application Security https://store.theartofservice.com/the-application-security-toolkit.html.

Application Security
In the name of God :).

In the name of God :).
1Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved. MOBILE THREAT EXAMPLE.

1Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved. MOBILE THREAT EXAMPLE.
Introduction Thomson Chan Rosaryhill School 3698-3585 1.

Introduction Thomson Chan Rosaryhill School
Application Security Testing A practitioner’s rambling advice & musings.

Application Security Testing A practitioner’s rambling advice & musings.
An Ad Hoc Writable Rule Language for White-Box Security Scanners Author:Sebastian Schinzel Referent:Prof. Dr. Alexander del Pino Korreferent:Prof. Dr.

An Ad Hoc Writable Rule Language for White-Box Security Scanners Author:Sebastian Schinzel Referent:Prof. Dr. Alexander del Pino Korreferent:Prof. Dr.
Single Sign-On https://store.theartofservice.com/the-single-sign-on-toolkit.html.

Single Sign-On

Similar presentations

Ads by Google