Certified Mobile Application Security Professional (CMASP)

Starts:  Oct 30, 2023 09:00 (ET)
Ends:  Nov 1, 2023 13:00 (ET)
Associated with  New England Chapter

Introduction

Mobile Application Security refers to identifying, analyzing and managing the risk associated with mobile applications throughout the software development lifecycle. Mobile application security is designed to reduce the impact of attackers stealing users' passwords and crucial data such as credit/debit card payment information, personal information, etc.

Who should attend?

• IT professionals
• Cyber Security Professionals
• Mobile Application Developers
• Security practitioners and managers
• Anyone interested in Mobile Security

Why Mobile Application Security?

• To prevent future attacks by guessing the behaviors of attackers and anticipating their moves
• To go live with the new mobile application without worrying about security risks
• To change the architecture, such as the network or components of the mobile application, if necessary
• To meet tough industry security standards and comply with regulations
• To reduce risk from both internal and third-party sources.
• To secure customer data to build customer confidence.
• To protect sensitive data from leaks.
• To improve trust from crucial investors and lenders.
• Certified Mobile Application Security Professional Training covers both Android and iOS application security.


In line with these objectives, we are pleased to announce 12 hours of training spread across 3 days on “Certified Mobile Application Security Professional (CMASP)”.

Day 1:

• Introduction to Android

• Types of Applications

• Android Security Architecture

• Interacting with Android

• Android Application Components

• Setting up the Testing Environment

• Android Emulators Genymotion / Memu

• ADB

• APKTool

• Drozer

• Frida

• Objection

• Analysing Application Components with APKTool

• Configuring Burp

Day 2:

• OWASP Top 10 

• Improper Platform Usage

• Insecure Data Storage

• Insecure Communication

• Insecure Authentication

• Insufficient Cryptography

• Insecure Authorization

• Client Code Quality

• Code Tampering

• Reverse Engineering

• Extraneous Functionality

• Reversing Android Application for Manipulation

• Root Detection Bypass

• SSL Pinning Bypass

Day 3:

• iOS Application Security & Architecture

• MVC & Event Driven Architecture

• iOS Security Features

• Chain of Trust

• Secure Boot

• TouchID & Passcode

• Secure Enclave

• Keychains

• Jailbreaking iOS Devices – Types of Jailbreaks

• Setting up a Pen testing Environment

• Extracting Secrets using Key Chain Dumper

• Method Swizzling

• Runtime iOS Manipulation using GDB, Frida & Cycript

Trainer Details

Udit Pathak, HOD – Compliance and Audit, Network Intelligence
Udit Pathak currently serves as Principal Consultant at Network Intelligence, focusing on Information Security audits (PCI DSS, ISO 27001, HIPAA, cloud security, etc.), data privacy audit and implementation, application security assessment, and vulnerability assessment. He has delivered many trainings to ISACA and ISC2 chapters. He has delivered excellent trainings across the globe on various cyber security topics like Payment Security, Forensics, Threats & Malware, Mobile App and Web App, etc.

Mufaddal Taskin
Cybersecurity Consultant
Network Intelligence

Mufaddal has over 26 years of diverse experience in technology solutions and cyber security. He currently serves as a cybersecurity Training Specialist at NI. His work mainly focuses on Payment Security Audits Security, Vulnerability Assessment and Penetration Testing for NI. His technical abilities span Networks, Web & Mobile Apps, Incident Response, Cyber Threat Intelligence, SOC and ISO standards compliance. Mufaddal has created custom course outlines on cyber security and has conducted these courses for a variety of high-technology clients and partners of NI.
