Security Testing Guidelines for mobile Apps - PowerPoint PPT Presentation

About This Presentation
Title:

Security Testing Guidelines for mobile Apps

Description:

Mobile app development companies are making things easier by designing mobile apps that are user-friendly and secure. Mobile apps have some specific characteristics regarding penetration testing.

Slides: 13
Provided by: MobileDevice
Category: Other
Tags: device | mobile | testing


Transcript and Presenter's Notes

1
Welcome to Presentation
Security Testing Guidelines for mobile Apps
http://mobilelabsinc.com/
2
Mobile App Threat Landscape
Location-independent (mobile)
Always online and traceable
Consumerization: devices are built for personal use
Focus on functionality and design rather than security
Rise of sensitive use cases for mobile apps
3
Mobile app development companies are making things easier by designing mobile apps that are user-friendly and secure.
4
Situation: Mobile Security Testing
Mobile apps have some specific characteristics regarding penetration testing
Custom guidelines have not been available
msg systems decided to develop guidelines (MSTG) with Munich University of Applied Sciences
5
Challenges
Identify differences to common penetration tests
Flexible Preconditions
App security also depends on device security (jailbreak, different platforms, versions, interfaces, MDM, etc.)
Different attackers (internal, external, network or device access, blackbox / whitebox, etc.)
6
Mobile Security Testing Guide Overview
7
Intelligence Gathering
Try to gather as much information as possible about the app
Consists of 2 analyses
8
Differences to conventional Process
Focus mainly on the architectural/technical part
Not considering mobile specific requirements
9
Intelligence Gathering
Architectural Analysis
App (network interfaces, used data, communication with other resources, session management, jailbreak/rooting detection, ...)
Runtime environment (MDM, jailbreak/rooting, OS version)
Backend services (application server, databases, firewall, ...)
Environmental Analysis
Focus on the company behind the app, its business case and the related stakeholders
Analyze internal processes and structures
10
Summary
Mobile Security Testing Guide
considers mobile characteristics, but is independent from technologies
helps to improve transparency and repeatability for mobile penetration testing
is a holistic approach with sufficient flexibility
and ultimately helps to improve mobile app security.
11
Contact information
Headquarters: 3423 Piedmont Road NE, Suite 465, Atlanta, GA 30305
1 (404) 214 5804
Info_at_mobilelabsinc.com
http://mobilelabsinc.com/
https://www.youtube.com/watch?v=EbHl7i75l5s