Wire Snark
co-founder @ DEF CON Nizhny Novgorod
Nizhny Novgorod

Source code security analysis for Android applications

Description:

Let us talk about how source code security analysis for Android applications should be

conducted. We are going to identify the most common mistakes—OWASP Mobile Top 10—and

review Android-specific examples.

The report discusses the methodology and major steps in source code security analysis for

Android applications. It tells about what a Threat Model is, and how it can be built in practice.

Application architecture analysis issues in terms of security will be also addressed. The report

will cover hands-on experience of using static source code analyzers to find defects that impact

application security. The most frequent mistakes according to OWASP Mobile Top 10 will be

reviewed with examples from experience.

О спикере

Wire Snark

co-founder @ DEF CON Nizhny Novgorod
Nizhny Novgorod

Systems designer dealing mainly with the middle level – services and daemons. Platform for

“internet of things” devices running on Yocto Linux, Android platform, telephony, voice control.

The second area of specialization: information security researcher engaged in whitebox-audit of

applications. Champion of user privacy, anonymity and security. Advocate of ethical hacking

and programming, and devotee of free software.

Похожие доклады Похожие доклады

Похожие доклады