Category: Android | Format: Session

11:00 am - 11:40 am | Mekatilili

The Mobile Application Security Commandments by Heart

Session Description:

Developers often prioritize quick releases over security in the fast-paced world of mobile app development. However, this approach leaves applications and their users vulnerable to various security threats. In this presentation, I will examine the essential security best practices for mobile app development outlined by the OWASP Mobile Application Security Verification Standard (MASVS). I will highlight the significant differences in security posture by comparing an app developed naively to one that incorporates OWASP's best practices. Key Takeaways and Learning Points: 1. Understanding Vulnerabilities: Grasp the most common vulnerabilities in mobile applications today and how they can be maliciously exploited. 2. OWASP MASVS Deep Dive: A comprehensive overview of the OWASP Mobile Application Security Verification Standard and why it's the gold standard in mobile app security. 3. Practical Application: Witness a live demo contrasting a naively built app against one built following OWASP best practices. See firsthand the tangible benefits of prioritizing security. 4. Secure Development Lifecycle: Learn about integrating security practices throughout the app development lifecycle, from design to deployment. 5. Empowerment: Walk away with actionable insights, tools, and practices that you can immediately implement in your mobile app development process. I have previously presented on Android Security and Insecurity at SheHacksKe. SheHacksKe is a community of security researchers and practitioners in Kenya that has dramatically influenced the cyber security landscape. I've also worked as a security analyst at Yelbridges Limited, focusing on mobile application security. Keywords for Talk Submission: - Mobile Application Security - OWASP MASVS - Vulnerability Assessment - Mobile Threat Landscape - Cyber Security