Fundamentals of Mobile Application Defence

Mobile security is becoming increasingly important as iOS and Android user numbers increase and applications become ever more complex. With some organizations relying heavily on mobile applications as a route to market, especially those taking a ‘mobile first’ approach, mobile security must be taken seriously and viewed the same way as existing security controls for your organization’s flagship traditional web applications.

As organizations typically focus on mobile applications being easy to use and intuitive, less emphasis is put on mobile security and therefore less understanding of security tends to be present in mobile development teams.

Our one-day Fundamentals of Mobile Application Defence training course is a great opportunity for those interested in mobile security to look at iOS and Android applications through the eyes of the hacker.

You'll learn about the most common insecurities and vulnerabilities that lay within mobile applications, how to identify them and how to use secure design and development best practices to eliminate these risks. This course will give you the confidence to reduce the risk of mobile applications for your business.


Who should attend?

Those responsible for developing, managing, testing or maintaining mobile applications, or anyone with an interest in ensuring the security of their mobile application presence, such as:

  • Mobile application developers
  • Compliance officers
  • Technical managers
  • Information security team members
  • IT Managers
  • Team leaders

What will I learn?

  • Basic iOS and Android Security concepts
  • Introduction to iOS and Android application structures and security
  • Insecure applications and formats
  • Insecure application components
  • Unauthorised access to critical application files and databases
  • Data Leakage
  • Insecure communications
  • Authentication & Session Management
  • Cryptography
  • Authorization
  • De-compilation and debugging of application code
  • Static and dynamic code analysis
  • OWASP Mobile Top 10
  • Security methodology

In addition to learning about the above vulnerabilities and practices in theory, BSI believe that the best way to demonstrate the impact of these vulnerabilities is to perform live exploitation. These concepts will be demonstrated using BSI’s Android Security Testing Framework (ASTF) tool which has been developed by our in-house mobile experts.

How will I benefit?

  • Gain an understanding of the best practices for mobile application defence
  • Get the opportunity to see real exploitation of vulnerabilities on our vulnerable mobile application – helping you understand the real-world impact
  • Gain insight into the insecurities and vulnerabilities that lay within your mobile applications
  • Confidently identify and eliminate these new risks before they result in damage to the organization

What's included?

  • Comprehensive course materials
  • Certificate of attendance
  • Lunch
  • Refreshments