Hi [[ session.user.profile.firstName ]]

Solving for compliance: Mobile app security for banking and financial services

Mobile apps fall in scope for a number of regulatory requirements that govern the banking and financial services industries, such as: guidelines from the Federal Financial Institutions Examination Council (FFIEC), the Gramm–Leach–Bliley Act (GLBA), New York State cybersecurity requirements for financial services companies, the Payment Card Industry Data Security Standard (PCI DSS), the Sarbanes-Oxley Act, and more. Luckily, a repeatable mobile app security assessment program and standardized reporting go a long way in both achieving compliance objectives and securing mobile apps and data.

Join us for a 30-minute webinar during which NowSecure Security Solutions Engineer Brian Lawrence will explain:
-- How and where exactly mobile apps fall in scope for various compliance regimes
-- Mobile app security issues financial institutions must identify and fix for compliance purposes
-- How assessment reports can be used to demonstrate due diligence
Recorded Aug 22 2017 29 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Brian Lawrence, NowSecure Security Solutions Engineer
Presentation preview: Solving for compliance: Mobile app security for banking and financial services

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • How to Put the ‘Sec’ in Mobile DevSecOps Recorded: Aug 29 2019 45 mins
    Brian Lawrence, Solutions Engineering Manager // Brian Reed, Chief Mobility Officer
    There are more than 4.5 million apps and counting in the Apple® App Store® and Google Play™, many of which release weekly or even daily. Success in continuous delivery calls for removing friction from the pipeline. However, mobile app DevSecOps teams must contend with several security and privacy challenges.

    Join us for insight and best practices for achieving the DevSecOps goal of continuous security. You’ll learn:
    +The most common security and privacy issues found in mobile apps
    +How to partner with mobile app security, risk and compliance teams
    +Approaches for automating security in the CI/CD pipeline.
  • Coming Soon: Android Q & iOS 13 Privacy Enhancements Recorded: Jul 18 2019 64 mins
    Tony Ramirez, Mobile Security Analyst / Brian Reed, Chief Mobility Officer
    Are you ready for Android Q and iOS 13? Apple and Google’s forthcoming mobile operating systems boast a bevy of privacy features that enable users to seize more control of their personal data.

    NowSecure Mobile Security Analyst Tony Ramirez will share a deep dive into Android and iOS application security and privacy enhancements and what they mean for mobile DevSecOps teams. Join us to learn about:
    + Increased transparency and granularity over location tracking
    + New protections for sensitive information
    + Safer data exchanges in Android Q through TLS 1.3 encryption
  • Debunking the Top 5 Myths About Mobile AppSec Recorded: Jun 24 2019 47 mins
    Brian Reed, Chief Mobility Officer, NowSecure // Alan Snyder, Chief Executive Officer, NowSecure
    It’s hard to believe that mobile app stores are more than a decade old yet some crazy misconceptions about mobile application security still linger.

    Stop us if you’ve heard these before:
    - Testing mobile apps is the same as web apps
    - SAST is good enough for mobile, you don’t need DAST
    - Mobile apps are secure because Apple and Google security test them
    - Outsourcing a penetration test once per year is sufficient to mitigate risk

    Join us to sort fact from fiction and learn how to ensure your mobile appsec program is on the right track. You may discover some surprising things about modern mobile application security.
  • Using OWASP Guidelines & Threat Modeling for Mobile AppSec Recorded: Jun 13 2019 36 mins
    Tony Ramirez, Mobile Security Analyst @ NowSecure
    Learn how to use the OWASP Mobile Security Project to prioritize risk and testing requirements across your entire mobile app portfolio - the apps you produce, as well as the apps you and your employees consume. In this session, we'll cover:
    + OWASP Mobile App Security Verification Standards
    + How to determine which level of verification your app needs
    + How to respond when the app doesn't meet the standard security baseline
  • Integrating Security into the Mobile App DevOps Ecosystem Recorded: May 22 2019 54 mins
    Brian Lawrence, Solutions Engineering Manager // Brian Reed, Chief Mobility Officer, NowSecure
    Are you seeking to accelerate the delivery of secure mobile apps? DevSecOps is all about letting tools do the work for you.

    Many DevSecOps shops plug mobile appsec testing directly into the CI/CD toolchain to find and fix vulnerabilities faster. Automate the workflows and tune the testing to meet your needs. Empower devs with nearly zero false positives and remediation details. Break the build when necessary and release apps faster when you don’t.

    Whether you focus on security or development, join this webinar to see how the NowSecure platform integrates with your ecosystem of DevOps tools such as:
    + CI/CD (CircleCI, CloudBees Jenkins, etc)
    + Issue tracking (GitHub, Jira, etc)
    + Vuln management (Brinqa, Code Dx, etc.)
  • OSS Tools: Creating a Reverse Engineering Plug-in for r2frida Recorded: Apr 24 2019 47 mins
    Sergi "Pancake" Alvarez, Senior Mobile Security Research Engineer, NowSecure // Brian Reed, Chief Mobility Officer, NowSecure
    Hear Radare creator Sergi (Pancake) Alvarez conduct a deep dive of r2frida, a framework that combines the best of Frida and Radare. Frida and Radare are leading open-source reverse engineering tools sponsored by NowSecure. Targeting intermediate to advanced users and security analysts, this overview will highlight the r2frida plug-in architecture.

    Join this webinar to learn:
    + What dynamic and static techniques the individual tools provide to assist security analysts with reverse engineering;
    + Why r2frida’s plugin architecture eases the task of performing reverse engineering workflows;
    + How to create your own new plug-in.
  • Survey Sneak Peek: The State of DevSecOps for Mobile Apps Recorded: Mar 21 2019 38 mins
    Brian Reed, Chief Mobility Officer, NowSecure
    As DevSecOps transformation begins to sweep across organizations, NowSecure set out to take the pulse of the movement as it relates to mobile apps. We partnered with DevOps.com to conduct the industry’s first user survey on the state of web and mobile app DevSecOps.

    Attend this webinar to hear how leading organizations are adopting secure DevOps for their mobile apps and the benefits they’re achieving. You’ll discover these findings:
    +Comparison of mobile app and web app adoption patterns in DevSecOps, including a few surprises
    +Key insights on challenges and successes in DevSecOps across people, process and technology
    +Useful data on security testing stages, frequency, metrics, and tools
  • Building a Mobile App Pen Testing Blueprint Recorded: Feb 20 2019 62 mins
    Rono Dasgupta & Tony Ramirez, Mobile Security Analysts, NowSecure // Brian Reed, CMO, NowSecure
    Mobile penetration testing helps uncover app exploits and vulnerabilities and is a crucial component of risk assessment. However, many people fear the complexity and don’t know where to get started.

    It all begins with a solid plan of attack. NowSecure veterans of hundreds of mobile app pen tests will walk you through the process of assembling a pen testing playbook to hack your app.

    Join this webinar to learn:
    +Tips and tricks for targeting common issues
    +The best tools for the job
    +How to document findings to close the loop on vulnerabilities.
  • Mobile App Security Predictions 2019 Recorded: Jan 23 2019 63 mins
    Brian Reed, CMO, NowSecure // Alan Snyder, CEO, NowSecure // David Weinstein, CTO, NowSecure
    2019 is already shaping up to be a standout year for mobile appsec and secure DevOps. If we can say anything with certainty, it’s that cybersecurity is unpredictable and the wave of DevSecOps is unstoppable. But we foresee intensifying concerns about digital privacy amidst high-profile breaches.

    Attend this webinar to hear our predictions about what’s in store for our customers and the community in the year ahead. Our veteran industry leaders will prognosticate about developments in these areas:
    + Mobile ecosystem: OSes, devices, apps and app stores
    + Evolving mobile security threats
    + The rise of DevSecOps and the automation of everything
    + The disruptive economics of automating manual pen testing
    and more.
  • Best Practices for Securing Mobile App DevOps Recorded: Dec 6 2018 49 mins
    Jeff Fairman, Senior Vice President of Engineering & Brian Reed, Chief Mobility Officer
    As DevOps teams seek to accelerate the mobile app dev pipeline, they rely on tools and best practices to gain speed. Because our engineering leader Jeff Fairman previously ran software development for a top online brokerage, he understands the challenges of scaling security testing to meet current demands.

    After discovering the NowSecure automated testing platform, Jeff Fairman was so impressed with the tech that he joined the company to help DevOps and security teams build and release safe mobile apps. Attend this webinar to learn:
    + Why you need dynamic application security (DAST) testing to flag vulnerabilities in the post-build phase
    + The unique requirements, toolchain options and best practices for secure mobile DevOps
    + How to combine continuous daily testing with outsourced pen testing.
  • Case Study: Ironclad Messaging & Secure App Dev for Regulated Industries Recorded: Oct 18 2018 55 mins
    Avi Elkoni (COO/CTO, Vaporstream), Kristi Perdue Hinkle (Vaporstream), & Brian Reed (NowSecure)
    Enterprise-grade ephemeral messaging provider Vaporstream knows firsthand that security needs to be built into the software development lifecycle rather than bolted on. Serving highly regulated industries such as federal government, energy, financial services and healthcare, Vaporstream’s leakproof communication platform provides the highest level of assurance that compliance professionals require. Vaporstream partners with NowSecure to test and certify its Android and iOS mobile messaging apps.

    Join us for this case study webinar to learn how Vaporstream adheres to a rigorous secure app lifecycle in order to meet customer expectations for secure communications:
    + Designing a secure app architecture & development process
    + Incorporating security testing into the release cycle
    + Comprehensive penetration testing
  • A Risk-Based Mobile App Security Testing Strategy Recorded: Sep 19 2018 55 mins
    Brian Reed (CMO), Chris Cimaglia (Mobile App Security Advocate)
    With 4 million public apps and millions more enterprise apps developed internally, not all Android and iOS apps are created equally. Some mobile apps simply publish information, some have sensitive data and others contain trade secrets. Given the volume and velocity of mobile apps, there simply aren’t enough resources to test them all in the same manner. There has to be a better way.

    NowSecure will introduce a new framework to help organizations craft a Risk-Based Mobile App Security Testing strategy. Join us for a webinar to gain practical insights, including the following:

    + The five components of risk-based testing
    + A decision grid for adjusting the depth and frequency of testing
    + How automated testing tools streamline management of the mobile app portfolio
  • Android P Security Updates: What You Need to Know Recorded: Aug 23 2018 54 mins
    Tony Ramirez, Mobile Security Analyst // Brian Reed, CMO
    2018 seems to be the year of privacy updates for both iOS and Android. In this webinar, Mobile Security Analyst Tony Ramirez will take a deeper look at security updates for Android, including:
    + Learnings from Android 8 (Oreo)
    + What to expect for Android P
    + How these enhancements affect mobile app security
  • iOS 12 Preview - What You Need To Know Recorded: Jun 12 2018 54 mins
    Tony Ramirez (Mobile Security Analyst), Brian Reed (CMO)
    Much of the improvements for iOS 12 focused on security and reliability. What prompted these changes and how will it affect the path forward? Join our discussion on Tuesday as Tony Ramirez, Mobile Security Analyst, shares about the following:

    + Learnings & remediations from iOS 11
    + Predictions coming out of WWDC
    + How we see the newest software update, iOS 12, affecting mobile app security testing
  • 5 Tips for Agile Mobile App Security Testing Recorded: Mar 21 2018 54 mins
    Brian Reed (Chief Mobility Officer) // Alex Wishkoski (Director of Product)
    Most mobile app penetration tests or vulnerability assessments take anywhere from a couple of days to two weeks to deliver because of the manual approaches, brittle open source stacks in homegrown testing rigs and legacy application security testing (AST) tools. The shift to agile development common in mobile app development teams has left appsec testing behind. New mobile app builds are pushed daily, weekly or monthly, and appsec testing teams struggle to keep up. Each new build brings new code, including 3rd-party libraries, and with that code comes new potential vulnerabilities.

    Application security & testing teams - this one’s for you. If you’re looking for ways to join the agile approach and keep pace with the speed of your development team’s CI/CD pipeline, take stock of these 5 tips for mobile appsec testing and integrate them into your company’s workflow.

    NowSecure - protecting the business at the speed of mobile.
  • Top OSS for Mobile AppSec Testing: The Latest on R2 and FRIDA Recorded: Feb 21 2018 56 mins
    David Weinstein (CTO, NowSecure) // Sergi "Pancake" Àlvarez (R2) // Ole André (FRIDA)
    From the creators behind top mobile tools R2 and FRIDA, get the inside scoop on the R2 and FRIDA OSS projects. Led by NowSecure Research Team including David Weinstein, Ole André and Pancake (Sergi Àlvarez), this webinar speaks to our favorite mobile AST OSS projects. Peek behind the curtain on these tools, check out on their latest updates, learn how to use them to solve a crackme, and talk about potential future enhancements.

    Attendees will learn about popular open source projects for AST and walk away with hands-on experience on how to use them and get a peek at the future.
  • 85% of App Store Apps Fail OWASP Mobile Top 10: Are you exposed? Recorded: Jan 23 2018 56 mins
    Andrew Hoog (Founder) // Brian Reed (Chief Mobility Officer)
    NowSecure continuously monitors millions of mobile apps in third-party apps in the Apple® App Store® and the Google Play™ store for security, compliance and privacy risks.

    A comprehensive analysis of iOS and Android apps found that a staggering 85% of those apps fail one or more of the OWASP Mobile Top 10 criteria. Given that the average mobile device has over 89 mobile apps on it, what are the odds your employees have one or more of the apps and what’s the real risk to your business?

    During this webinar, renowned mobile security expert and NowSecure founder Andrew Hoog and Chief Mobility Officer Brian Reed will review the massive data set, detail the areas of exposure and review mitigation recommendations.

    Mobile apps power productivity in the modern business; don’t let a few bad apps bring it down.

    Note: Live attendees will be entered to win a free mobile app security assessment!
  • 5 Mobile App Security MUST-DOs in 2018 Recorded: Dec 5 2017 48 mins
    Andrew Hoog (Founder) // Katie Strzempka (VP of Customer Success & Services) // Brian Reed (Chief Mobility Officer)
    To close out the 2017 webinar season, our mobile security expert panel will review the top mobile threats of 2017 (e.g., Cloudbleed, Bootstomp, Broadpwn, and more) and then debate what’s next in mobile app security and mobile app security testing for 2018. Join us for a spirited discussion of the security ramifications of the new iPhone X, iOS 11, Android 8, the latest innovations in the mobile app security testing, and more. Compare your mobile app security and mobile app security testing initiatives with what our experts say should be your top priorities in 2018.

    Live attendees will be entered to win a free mobile app security assessment!
  • Danger in the App Stores: 3rd Party Mobile App Risk for Banks, FinServ & FinTech Recorded: Nov 14 2017 45 mins
    Brian Reed, CMO // Alex Wishkoski, Director of Product Management
    What you don’t know about third-party apps in the Apple® App Store® and the Google Play™ store can hurt you. Apple and Google have app review processes at various levels, but banks and financial services organizations require more scrutiny -- especially for BYOD & COPE devices. Commercial apps used by employees in the workplace can leak data and violate security policies. Third party apps that use your company SDKs or APIs can expose your organization, defraud your customers, and tarnish your brand. Join our webinar to learn how to incorporate third-party commercial apps in your mobile threat modeling exercises and application security programs to protect your organization, your reputation, and your customers.
  • What attackers know about your mobile apps that you don’t: Banking & FinTech Recorded: Oct 24 2017 55 mins
    Andrew Hoog, NowSecure Founder
    Our threat research team spends every waking moment reverse-engineering and cracking mobile apps and devices to help organizations reduce mobile risk. During this webinar, renowned mobile security expert and NowSecure founder Andrew Hoog will explain the attacker’s point-of-view, what attackers are looking for in mobile banking or financial services apps, and what makes your mobile app an appetizing target. We will then provide tips for deploying a mobile app security testing program to ensure you proactively plug security holes, squash privacy leaks, and fill compliance gaps in your mobile apps.
The Ultimate Tools for Mobile App Security Testing
NowSecure delivers fully automated mobile app security testing software with speed, accuracy, and efficiency for Agile and DevOps initiatives. Through static, dynamic, behavioral and interactive mobile app security testing on real Android and iOS devices, NowSecure identifies the broadest array of security threats, compliance gaps, and privacy risks. NowSecure customers can choose automated software on-premises or in the cloud, expert professional penetration testing and managed services, or a combination of all as needed.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Solving for compliance: Mobile app security for banking and financial services
  • Live at: Aug 22 2017 6:00 pm
  • Presented by: Brian Lawrence, NowSecure Security Solutions Engineer
  • From:
Your email has been sent.
or close