Popular ISO 9001 Quality management > ISO 13485 Quality management for medical devices > ISO 14001 Environmental management > ISO 22301 Business continuity > ISO/IEC 27001 Information security > ISO 45001 (OHSAS 18001) Occupational health and safety > View all standards >
Access and buy standards How to access standards > Decide which option works best for your business Buy standards > Standards subscriptions > BSOL > Full standards collections Compliance Navigator > Medical device standards Eurocodes PLUS > Structural design standards BSI Membership > Services include knowledge centre, events and discounts
About standards What are standards? > Find out on how standards can help The role of BSI > UK Standards Organization, ISO, IEC, CEN, CENELEC, ETSI Get involved > Become a standards maker, join a committee Have your say > Propose or comment on a standard Consumer alerts > Know which products have been recalled
Working with standards Business and industry > Build trust and win more business, no matter the size of your company Government > Enhancing standards infrastructure, technical assistance and capacity building Education > Supporting students, research programmes, and young professionals Consumers > Tackling issues consumers face through BSI Kitemark and Consumer and Public Interest Network (CPIN)
Standards and information Access and buy standards > Search our standards catalogue Develop a standard > Work with BSI to develop a standard Online subscription services > BSOL, Compliance Navigator, Eurocodes PLUS, BSI Membership and SCREEN Standards services > Create a fast-track standardization document, Consultancy, Research and Insights and International Projects
Auditing, certification and training Assessment and ISO certification > ISO certification and others eg: IATF, FSSC Auditing and verification > Supplier audits, custom audits and internal audits Product testing and certification > BSI Kitemark, CE marking and verification, Market access solutions Validate BSI-issued certificates > Check company, site and product certificates
Training courses > Individual, group and company-wide training Medical devices services > CE marking for medical devices, MDR and IVDR, quality management for medical devices Compliance software and solutions > Software tools and solutions for governance, cyber security, risk and supply chain management
Consulting practices Cybersecurity and information resilience > Standards Consulting > Management advisory service Supply chain management > View all BSI services >
Industry reports, research and news Digital construction > BIM, smart cities and connected assets Future of mobility > Global market access > Health, safety and wellbeing > Information security > Cybersecurity, privacy (GDPR) and compliance
Innovation > Internet of things (IoT) > Organizational resilience > Sustainability and circular economy > View all topics >
Blogs Built Environment > Cybersecurity and information resilience > Food Industry > Medical devices > Small Business > View all blogs >
About BSI > BSI impartiality > Our accreditation > Our clients and partners > Our financial information >
Our governance > Our legal information > Our Royal Charter > UK National Standards body > The global role of BSI as the national standards body
Careers > Events and conferences > Media centre > Social responsibility > Modern slavery statement Contact us >
Data protection (GDPR) > Data subject access request (DSAR) > Outsourced data protection officer (DPO) > Cybersecurity and compliance services > Cloud security services > Incident response > Security testing > Vulnerability assessment > PCI DSS consultancy > ISO 27001 consultancy > IT audit and assessment > Cybersecurity audit and assessment > View all our services >
Services Email security > End user security awareness > eDiscovery/eDisclosure and digital forensics > Critical infrastructure security > Security testing cyber lab > Ransomware prevention and recovery > Public sector services >
Our solutions Secure web gateway > Cloud access security broker > Identity and access management > Managed security > Cloud encryption > Vulnerability management > Cloud and endpoint data backup > View all our solutions >
Our partners Zscaler > Proofpoint > McAfee > Okta > Druva > Alert Logic > Qualys > BitSight > MediaPRO >
Cybersecurity training courses Certified Information Privacy Professional Europe (CIPP/E) > Certified Data Protection Officer (CDPO) training course > Certified Information Security Manager (CISM®) > Certificate in Information Security Management Principle (CISMP) > View all cybersecurity training courses >
Training solutions Proofpoint - End user security awareness training > MediaPRO - Cybersecurity and Privacy Education >
Fundamentals of Mobile Application Defence Mobile security is becoming increasingly important as iOS and Android user numbers increase and applications become ever more complex. With some organizations relying heavily on mobile applications as a route to market, especially those taking a ‘mobile first’ approach, mobile security must be taken seriously and viewed the same way as existing security controls for your organization’s flagship traditional web applications. As organizations typically focus on mobile applications being easy to use and intuitive, less emphasis is put on mobile security and therefore less understanding of security tends to be present in mobile development teams. Our one-day Fundamentals of Mobile Application Defence training course is a great opportunity for those interested in mobile security to look at iOS and Android applications through the eyes of the hacker. You'll learn about the most common insecurities and vulnerabilities that lay within mobile applications, how to identify them and how to use secure design and development best practices to eliminate these risks. This course will give you the confidence to reduce the risk of mobile applications for your business. Who should attend? Those responsible for developing, managing, testing or maintaining mobile applications, or anyone with an interest in ensuring the security of their mobile application presence, such as: Mobile application developers Compliance officers Technical managers Information security team members IT Managers Team leaders What will I learn? Basic iOS and Android Security concepts Introduction to iOS and Android application structures and security Insecure applications and formats Insecure application components Unauthorised access to critical application files and databases Data Leakage Insecure communications Authentication & Session Management Cryptography Authorization De-compilation and debugging of application code Static and dynamic code analysis OWASP Mobile Top 10 Security methodology In addition to learning about the above vulnerabilities and practices in theory, BSI believe that the best way to demonstrate the impact of these vulnerabilities is to perform live exploitation. These concepts will be demonstrated using BSI’s Android Security Testing Framework (ASTF) tool which has been developed by our in-house mobile experts. How will I benefit? Gain an understanding of the best practices for mobile application defence Get the opportunity to see real exploitation of vulnerabilities on our vulnerable mobile application – helping you understand the real-world impact Gain insight into the insecurities and vulnerabilities that lay within your mobile applications Confidently identify and eliminate these new risks before they result in damage to the organization What's included? Comprehensive course materials Certificate of attendance Lunch Refreshments
