Happy to announce that the Mobile App Sec Triathlon, hands on training for iOS and Android application security is scheduled for San Jose, November 5-7. If you are a developer, architect or security person working on Mobile, then this class may be of interest. Topics covered include:
•A cross-platform look at the problem space, with live demonstrations of common weaknesses and how to attack them--and plenty of time for questions and discussions.
• Primer on identity management and cloud computing for mobile applications
• Using threat modeling to find (and remove) architectural weaknesses
• How to best perform code reviews
• Common platform weaknesses (using OWASP’s iGoat and GoatDroid tools) • Analyzing an off-the-shelf app (and learning from its problems)
• Platform and application architecture
• Coding lab on building application security controls into your application • Setting up a test rig and testing the security of mobile applications
Ken van Wyk and I will teach the class. Ken added some thoughts on the blog hereIf you are interested or would like more info please check out the site or ping me.