Security Testing

Tutorials

TD Security Testing Mobile Applications
Alan Crouch, Coveros
Tue, 04/14/2015 - 8:30am

The sensitive nature of personal information stored on smart devices makes security testing vital when building mobile applications. Alan Crouch explores the unique characteristics of mobile devices—how they store data, the fluid trust boundaries between applications, and the unique aspects of device security models. Learn about the many different threat types and use cases in the mobile arena that make security testing mobile applications so challenging. Alan offers hints and tips for comprehensive security testing of mobile applications during the development process.

Concurrent Sessions

T8 Tips and Tricks for Building Secure Mobile Apps
Jeffery Payne, Coveros, Inc.
Thu, 04/16/2015 - 2:00pm

Mobile application development is now a mission-critical component of IT organizations and a big part of the software industry’s landscape. Due to the security threats associated with mobile devices, it is critical that we build our apps—from the ground up—to be secure and trustworthy. However, many application developers and testers do not understand how to build and test secure mobile applications. Jeffery Payne discusses the risks associated with mobile platforms/applications and describes proven practices for ensuring the safety of your mobile applications.

T12 Software Attacks for Embedded, Mobile, and Internet of Things
Jon Hagar, Independent Consultant
Thu, 04/16/2015 - 3:15pm

In the world of embedded systems, mission-critical mobile apps, and the Internet of Things (IoT), developers and testers must do more than just look for feature bugs. To find potential failures and serious security errors, their arsenal should include attack-based exploratory testing. In the tradition of James Whittaker’s How to Break Software books, Jon Hagar applies the “attack” concept to embedded, mobile, and IoT software. Jon examines common industry patterns of product failures and shares a set of his favorite software test attacks for native, web-based, and hybrid apps.
