Presentation is loading. Please wait.

Presentation is loading. Please wait.

Sioux Falls OWASP Jan-2018 Mobile Attack Surface

Published byNathalie Paquette Modified over 5 years ago

Similar presentations

Presentation on theme: "Sioux Falls OWASP Jan-2018 Mobile Attack Surface"— Presentation transcript:

1 Sioux Falls OWASP Jan-2018 Mobile Attack Surface

2 25 Years in Software Development Banking, Logistics, Medical
About Me Shannon Hofer MetaBank 25 Years in Software Development Banking, Logistics, Medical @76foxtrot

3 Three Attack Surfaces The Data Center The Network The Device

4 Platform – Standard security patching and procedures
The Data Center Platform – Standard security patching and procedures Configs – Web servers.. ** OWASP Top 10

5 WiFi Encryption - None or weak
The Network WiFi Encryption - None or weak Rogue Access Point - Who has a pineapple? Wiresharking MITM SLStrip: Downgrade to HTTP Session Hijacking DNS Poisoning Fake Certs

6 Preloaded Apps(Browser, Mail..)
The Device Preloaded Apps(Browser, Mail..) User Apps - why does the flashlight need my contacts? Phone/Network Operating System RF - Bluetooth and baseband

7 Preloaded Apps and User Apps
Browser - Samsung issues with CORS Phishing Framing Link/Clickjacking Drive-By downloading(downloading without user knowing) MitMo(Meltdown/Spectre)

8 Recent Hardware issues(Meltdown/Spectre) Rooting/JailBreaking
Phone/SMS SMSishing BaseBand attacks RF(bluejacking, NFC..) Recent Hardware issues(Meltdown/Spectre) Rooting/JailBreaking

9 Each vendor maintains a list Load the updates
Operating System Each vendor maintains a list Load the updates

10 Resources NowSecure - Secure Mobile Development ebook
NowSecure - 5 Mobile App MUST DOs in 2018 presentation Mobile Top Top 10 Security Weekly Youtube Channel

11 Conclusion Thank

Download ppt "Sioux Falls OWASP Jan-2018 Mobile Attack Surface"

Similar presentations

Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.

Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
A SOLUTION: 2X REMOTE APPLICATION SERVER. 2X REMOTE APPLICATION SERVER.

A SOLUTION: 2X REMOTE APPLICATION SERVER. 2X REMOTE APPLICATION SERVER.
What is it? CLOUD COMPUTING.  Connects to the cloud via the Internet  Does computing tasks, or  Runs applications, or  Stores Data THE AVERAGE CLOUD.

What is it? CLOUD COMPUTING.  Connects to the cloud via the Internet  Does computing tasks, or  Runs applications, or  Stores Data THE AVERAGE CLOUD.
魂▪創▪通魂▪創▪通 2014. 9. 10. Digital Certificate and Beyond Sangrae Cho Authentication Research Team.

魂▪創▪通魂▪創▪通 Digital Certificate and Beyond Sangrae Cho Authentication Research Team.
OWASP Mobile Top 10 Why They Matter and What We Can Do

OWASP Mobile Top 10 Why They Matter and What We Can Do
Kevin Kraemer Senior Director, Product Marketing

Kevin Kraemer Senior Director, Product Marketing
Information Security Information Technology and Computing Services Information Technology and Computing Services

Information Security Information Technology and Computing Services Information Technology and Computing Services
 Cloud computing is one of the more recent technologies that many businesses, individuals and other industry organizations believe to by one of the keys.

 Cloud computing is one of the more recent technologies that many businesses, individuals and other industry organizations believe to by one of the keys.
For more notes and topics visit:

For more notes and topics visit:
Origins, Cookies and Security – Oh My! John Kemp, Nokia Mobile Solutions.

Origins, Cookies and Security – Oh My! John Kemp, Nokia Mobile Solutions.
Secure Search Engine Ivan Zhou Xinyi Dong. Introduction  The Secure Search Engine project is a search engine that utilizes special modules to test the.

Secure Search Engine Ivan Zhou Xinyi Dong. Introduction  The Secure Search Engine project is a search engine that utilizes special modules to test the.
Confidential & proprietary M2M communications in Transportation industry.

Confidential & proprietary M2M communications in Transportation industry.
Complete Security. Threats changing, still increasing Data everywhere, regulations growing Users everywhere, using everything We’re focused on protecting.

Complete Security. Threats changing, still increasing Data everywhere, regulations growing Users everywhere, using everything We’re focused on protecting.
Ignite Presentation: Near Field Communication Harry Yang.

Ignite Presentation: Near Field Communication Harry Yang.
0 1 WHAT KEEPS USERS AWAY? 2 47% 46% 43% 39% 40% 50% 45% 34% 21% 15% 20% 19% 13% 26% 20% 12% I fear that my account information will be viewed by an unauthorized.

0 1 WHAT KEEPS USERS AWAY? 2 47% 46% 43% 39% 40% 50% 45% 34% 21% 15% 20% 19% 13% 26% 20% 12% I fear that my account information will be viewed by an unauthorized.
{ Cloud computing. Exciting and relatively new technologies allow computing to be a part of our everyday lives. Cloud computing allows users to save their.

{ Cloud computing. Exciting and relatively new technologies allow computing to be a part of our everyday lives. Cloud computing allows users to save their.
E-Citations Mike Nizich, Vice President of Sales IMPACT Morrelly Homeland Security Center 510 Grumman Road West Bethpage, NY 11714 1-800-871-1244 ext 219.

E-Citations Mike Nizich, Vice President of Sales IMPACT Morrelly Homeland Security Center 510 Grumman Road West Bethpage, NY ext 219.
Slide to sign on Leverage your existing Wi-Fi assets to provide the home Wi-Fi user experience anywhere.

Slide to sign on Leverage your existing Wi-Fi assets to provide the home Wi-Fi user experience anywhere.
Cloud Computing, Business Users & Google Raju Gulabani Director of Product Management, Google Apps Feb 25, 09.

Cloud Computing, Business Users & Google Raju Gulabani Director of Product Management, Google Apps Feb 25, 09.
A Study of Secure Communications in WiFi Networks Bumjo Park 1 and Namgi Kim 11 1 Dept. Of Computer Science, Kyonggi Univ. San 94-1, Iui, Yeongtong, Suwon,

A Study of Secure Communications in WiFi Networks Bumjo Park 1 and Namgi Kim 11 1 Dept. Of Computer Science, Kyonggi Univ. San 94-1, Iui, Yeongtong, Suwon,

Similar presentations

Ads by Google