Popular ISO 9001 Quality management > ISO 13485 Quality management for medical devices > ISO 14001 Environmental management > ISO 22301 Business continuity > ISO/IEC 27001 Information security > ISO 45001 (OHSAS 18001) Occupational health and safety > View all standards >
Access and buy standards How to access standards > Decide which option works best for your business Buy standards > Standards subscriptions > BSOL > Full standards collections Compliance Navigator > Medical device standards Eurocodes PLUS > Structural design standards BSI Membership > Services include knowledge centre, events and discounts
About standards What are standards? > Find out on how standards can help The role of BSI > UK Standards Organization, ISO, IEC, CEN, CENELEC, ETSI Get involved > Become a standards maker, join a committee Have your say > Propose or comment on a standard Consumer alerts > Know which products have been recalled
Working with standards Business and industry > Build trust and win more business, no matter the size of your company Government > Enhancing standards infrastructure, technical assistance and capacity building Education > Supporting students, research programmes, and young professionals Consumers > Tackling issues consumers face through BSI Kitemark and Consumer and Public Interest Network (CPIN)
Standards and information Access and buy standards > Search our standards catalogue Develop a standard > Work with BSI to develop a standard Online subscription services > BSOL, Compliance Navigator, Eurocodes PLUS, BSI Membership and SCREEN Standards services > Create a fast-track standardization document, Consultancy, Research and Insights and International Projects
Auditing, certification and training Assessment and ISO certification > ISO certification and others eg: IATF, FSSC Auditing and verification > Supplier audits, custom audits and internal audits Product testing and certification > BSI Kitemark, CE marking and verification, Market access solutions Validate BSI-issued certificates > Check company, site and product certificates
Training courses > Individual, group and company-wide training Medical devices services > CE marking for medical devices, MDR and IVDR, quality management for medical devices Compliance software and solutions > Software tools and solutions for governance, cyber security, risk and supply chain management
Consulting practices Cybersecurity and information resilience > Standards Consulting > Management advisory service Supply chain management > View all BSI services >
Industry reports, research and news COVID-19 > Digital construction > BIM, smart cities and connected assets Future of mobility > Global market access > Health, safety and wellbeing >
Information security > Cybersecurity, privacy (GDPR) and compliance Innovation > Internet of things (IoT) > Organizational resilience > Sustainability and circular economy > View all topics >
Blogs Built Environment > Cybersecurity and information resilience > Food Industry > Medical devices > Small Business > View all blogs >
About BSI > BSI impartiality > Our accreditation > Our clients and partners > Our financial information >
Our governance > Our legal information > Our purpose, mission and vision > Our Royal Charter > UK National Standards body > The global role of BSI as the national standards body
Careers > Events and webinars > Media centre > Sustainability > Modern slavery statement Contact us >
Cloud security solutions > We partner with leading cloud security vendors Security testing > Vulnerability Assessment, Penetration Testing, Attack Simulation Incident management > Respond instantly to a data breach Virtual CISO > Find the right vCISO Third party security and risk assessment > Implement a robust information risk management framework View all our security technology solutions >
eDiscovery and Digital forensics > Understand and take control of your data Data protection ( GDPR ) > Achieving and maintaining compliance with GDPR Data subject requests (DSAR) support > Simplify, automate and reduce your response time for DSARs DPO as a service > Quickly access to specialized, skilled and experienced consultants View all our security technology solutions >
End user awareness and Phishing simulations > Robust and compliant training courses Social engineering > Recognize and avoid social engineering scams Certified information security courses > Get the skills you need to build resilience around information security management Online interactive solutions > Privacy and compliance education solutions View all our training courses >
PCI DSS Consultancy > Discover our range of PCI DSS consultancy services Network and Information Systems Directive (NIS) > Achieve NIS compliance NIST Cybersecurity Framework > Expertise to support you through your NIST CSF journey ISO/IEC 27001 consulting services > Identify and prioritize key risks across the organization Cyber Lab (CAS, CPA, CTAS) > Carry out assessments against recognized NCSC schemes View all our security technology solutions >
Data Protection Impact Assessment (DPIA) support > Minimize privacy and security risk Internet of Things (IOT) > Enabling a smart and secure world GDPR verification > Achieve and maintain compliance with GDPR SOC 2 > Identify all services and solutions to be considered in-scope for the SOC report Business continuity consulting services > Make your business resilient to an ever changing and challenging world
Fundamentals of Mobile Application Defence Mobile security is becoming increasingly important as iOS and Android user numbers increase and applications become ever more complex. With some organizations relying heavily on mobile applications as a route to market, especially those taking a ‘mobile first’ approach, mobile security must be taken seriously and viewed the same way as existing security controls for your organization’s flagship traditional web applications. As organizations typically focus on mobile applications being easy to use and intuitive, less emphasis is put on mobile security and therefore less understanding of security tends to be present in mobile development teams. Our one-day Fundamentals of Mobile Application Defence training course is a great opportunity for those interested in mobile security to look at iOS and Android applications through the eyes of the hacker. You'll learn about the most common insecurities and vulnerabilities that lay within mobile applications, how to identify them and how to use secure design and development best practices to eliminate these risks. This course will give you the confidence to reduce the risk of mobile applications for your business. Who should attend? Those responsible for developing, managing, testing or maintaining mobile applications, or anyone with an interest in ensuring the security of their mobile application presence, such as: Mobile application developers Compliance officers Technical managers Information security team members IT Managers Team leaders What will I learn? Basic iOS and Android Security concepts Introduction to iOS and Android application structures and security Insecure applications and formats Insecure application components Unauthorised access to critical application files and databases Data Leakage Insecure communications Authentication & Session Management Cryptography Authorization De-compilation and debugging of application code Static and dynamic code analysis OWASP Mobile Top 10 Security methodology In addition to learning about the above vulnerabilities and practices in theory, BSI believe that the best way to demonstrate the impact of these vulnerabilities is to perform live exploitation. These concepts will be demonstrated using BSI’s Android Security Testing Framework (ASTF) tool which has been developed by our in-house mobile experts. How will I benefit? Gain an understanding of the best practices for mobile application defence Get the opportunity to see real exploitation of vulnerabilities on our vulnerable mobile application – helping you understand the real-world impact Gain insight into the insecurities and vulnerabilities that lay within your mobile applications Confidently identify and eliminate these new risks before they result in damage to the organization What's included? Comprehensive course materials Certificate of attendance Lunch Refreshments
