Security Testing Mobile Applications
The sensitive nature of personal information stored on smart devices makes security testing vital when building mobile applications. Alan Crouch explores the unique characteristics of mobile devices—how they store data, the fluid trust boundaries between applications, and the unique aspects of device security models. Learn about the many different threat types and use cases that make security testing mobile applications so challenging. Alan offers hints and tips for comprehensive security testing of mobile applications during the development process, sharing when and where in that process to perform each type of testing. Tips include how to test for data privacy, secure session management, and the presence of malicious applications. Take back approaches for finding traditional application security vulnerabilities that may be present in mobile applications. Leave with an understanding of what it takes to security test your mobile applications and practical knowledge to make your mobile apps more secure.
Alan Crouch is a director of mobile testing with Coveros, Inc., which helps companies build better applications using agile, DevOps, and security best practices. Alan works with C-level and senior management at private companies and federal agencies to transform and adopt a more “mobile-first” approach to information technology. Alan has worked with Departments of Homeland Security, Defense, and Health and Human Services; Symantec; and mobile start-ups to build and test Android, iOS, and responsive web applications. His passion is the intersection of mobile testing and information security. Spare time finds Alan traveling the globe and creating adventures for his son and daughter. Follow Alan on Twitter @RealAlanCrouch or on LinkedIn.