Session Details

Is Your Mobile App Secure?  

Level :
Date :
9:15 AM Sunday
Room :
Interested : (99) - Registered : (-)


It's easy to audit Android app security, and very important, because most of them have one or more of the OWASP Mobile Top Ten Risks. I tested the top ten US bank apps, stock trading apps, and insurance apps, and 70% of them were insecure. I'll demonstrate several real vulnerable apps, and show to find SSL validation failures and how to add Trojan code to a vulnerable app to create a Proof-of-Concept. Complete instructions for all these tests are available free at

The Speaker(s)


Sam Bowne

Sam Bowne has been teaching computer networking and security classes at CCSF since 2000. He has given talks at CodeCamp, DEFCON, BayThreat, LayerOne, and Toorcon, and taught classes and seminars at many other schools and teaching conferences. He has a Ph.D. and a CISSP and a lot of other certifications, and a lot of computer and cables and firewalls and stuff.
  • Not Interested
  • Interested