Hi [[ session.user.profile.firstName ]]

6 Ways to Build an Insecure Mobile Application

Companies continue to move more and more of their infrastructure to the cloud, and while many focus well on infrastructure security they forget that most compromises occur at the application layer. This talk will walk through the most dangerous and commonly seen application vulnerabilities in the Fo
Companies continue to move more and more of their infrastructure to the cloud, and while many focus well on infrastructure security they forget that most compromises occur at the application layer. This talk will walk through the most dangerous and commonly seen application vulnerabilities in the Fortify on Demand testing practice. It will include discussion of the various risks, the mistakes that lead to their introduction, and how to avoid them.
Recorded Aug 1 2013
38 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Daniel Miessler, Principal Security Architect
Presentation preview: 6 Ways to Build an Insecure Mobile Application
Recommended for you:
  • Date
  • Rating
  • Views
  • Building Scalable Web Apps on AWS Building Scalable Web Apps on AWS Jesper Söderlund and Ian Massingham Live 60 mins
    Join AWS for this Building Scalable Web Applications webinar where we will explain the key architectural patterns used to build applications in the AWS Cloud, and how to leverage cloud fundamentals to build highly available, cost effective web-scale applications.

    You will learn how to design for elasticity and availability within AWS using a common web architecture as a reference point and discuss strategies for scaling, security, application management and global reach. If you want to know how to make your applications truly scale then join this webinar to learn more.
  • Building and Securing your 5* App Building and Securing your 5* App Steve Lamb, EMEA Regional Manager & Rob Stock, Solutions Consultant, Hewlett Packard Enterprise Live 45 mins
    This month the debate will range around applications and how we deploy and secure them for mobile devices. Speakers will discuss BYOD, device management, developing and designing secure apps and how that impacts the lifecycle.

    This discussion will reference products including Mobile Centre, Unified Functional Testing, LoadRunner, Network Virtualization, Fortify Web Inspect, AppPulse Mobile ,Fortify on Demand, Fortify Source Code Analysis.
  • CA ARD: efficienza ed ottimizzazione dei test tramite un approccio Model-Driven CA ARD: efficienza ed ottimizzazione dei test tramite un approccio Model-Driven Domenico Maracci - CA Technologies Recorded: May 26 2016 28 mins
    In un momento in cui le iniziative IT corrono di pari passo col business, l’abilità di comunicare i requisiti di business in un modo che sia direttamente comprensibile all’IT diventa un imperativo. CA ARD utilizza l’approccio Model Driven Testing per eliminare ambiguità nei requisiti, ottimizzando i cicli di test garantendo totale test coverage.
  • Alternatives to RSA Data Protection Manager for Centralized Key Management Alternatives to RSA Data Protection Manager for Centralized Key Management Steve Kingston, Product Manager - Gemalto Recorded: May 25 2016 27 mins
    RSA’s Data Protection Manager (DPM), BSAFE and tokenization products are quickly approaching EOL/EOPS, presenting RSA customers with an opportunity to reassess their encryption key management architecture and needs. With so many technologies available today that seemingly offer the same capabilities, how do you select the vendor and solution that is right for you?
    Join Stephen Kingston, Product Manager for SafeNet KeySecure, Gemalto, where you will learn how you can:

    • Benefit from proven, successful RSA to Gemalto migration use cases, including Healthcare, PII Protection and Retail PoS applications
    • Easily migrate with the same one-to-one functionality offered by SafeNet KeySecure and SafeNet Data Protection Connectors
    • Avoid encryption silos with a centralized key manager whether on-premises, virtual, or in the cloud
    • Painlessly expand your encryption solution as your future needs grow, be it files, databases, applications, or tokenization
    • Quickly get started with our 5 easy migration steps
  • Alternatives to RSA Data Protection Manager for Centralized Key Management Alternatives to RSA Data Protection Manager for Centralized Key Management Steve Kingston, Product Manager - Gemalto Recorded: May 25 2016 27 mins
    RSA’s Data Protection Manager (DPM), BSAFE and tokenization products are quickly approaching EOL/EOPS, presenting RSA customers with an opportunity to reassess their encryption key management architecture and needs. With so many technologies available today that seemingly offer the same capabilities, how do you select the vendor and solution that is right for you?
    Join Stephen Kingston, Product Manager for SafeNet KeySecure, Gemalto, where you will learn how you can:

    • Benefit from proven, successful RSA to Gemalto migration use cases, including Healthcare, PII Protection and Retail PoS applications
    • Easily migrate with the same one-to-one functionality offered by SafeNet KeySecure and SafeNet Data Protection Connectors
    • Avoid encryption silos with a centralized key manager whether on-premises, virtual, or in the cloud
    • Painlessly expand your encryption solution as your future needs grow, be it files, databases, applications, or tokenization
    • Quickly get started with our 5 easy migration steps
  • From the Field to the Back Office: Complete Digital Transformation for Energy From the Field to the Back Office: Complete Digital Transformation for Energy Joseph Yoklavich, National Sales Director for Energy Recorded: May 24 2016 50 mins
    Attend this webinar to find out why USG&E, Engie and other energy companies choose OutSystems for application development and integration. You’ll see:

    •How to build a mobile application visually in minutes
    •How easy continuous change can be with Integrated App Feedback
    •How simple and fast integration with existing back-office systems and data can be
  • From the Field to the Back Office: Complete Digital Transformation for Energy From the Field to the Back Office: Complete Digital Transformation for Energy Joseph Yoklavich, National Sales Director for Energy Recorded: May 24 2016 50 mins
    Attend this webinar to find out why USG&E, Engie and other energy companies choose OutSystems for application development and integration. You’ll see:

    •How to build a mobile application visually in minutes
    •How easy continuous change can be with Integrated App Feedback
    •How simple and fast integration with existing back-office systems and data can be
  • Accessible and Affordable 3rd Party API and Microservice Integration Testing Accessible and Affordable 3rd Party API and Microservice Integration Testing Nathan Devoll, SV Consultant, CA Technologies Recorded: May 21 2016 56 mins
    Creating seamless digital experiences for customers can require hundreds of systems and services to work together. Not only do you have to worry about your own internal systems, but now in the world of APIs and microservices you also have to worry about how these external systems are going to work with yours.

    Testing dependencies on 3rd party services presents unique challenges. Many 3rd parties charge access fees for test interfaces and the availability and performance of the interfaces may not be the same as the production versions.

    Learn how service virtualization can be used to:
    •Virtualize 3rd party services so they are accessible all the time without fees
    •Replicate production like dependencies for testing
    •Reproduce production defects for faster remediation
    •Eliminate scheduling conflicts and enable parallel development
    •Generate virtualized data
  • Make Testing More Agile and Eliminate Excuses Make Testing More Agile and Eliminate Excuses Chris Kraus, CA Technologies Recorded: May 21 2016 57 mins
    Working in QA and testing has never been more challenging. Development is turning out new code faster than ever, and test backlogs just keep piling up. Errors that make it into production then need to be traced and fixed, adding to the backlog.

    Discover how test automation, service virtualization, and test data management can help you make your testing more agile—and permanently eliminate the excuses.

    You will learn how to avoid these common excuses with the following skills:
    •The dog ate my data: Simplify test data management and increase test coverage
    •That application was before my time: Automate tests for poorly documented systems
    •Nobody told me that: Improve test case requirements with visualization
    •I didn’t have time to test that: Accelerate testing with test automation and open source code
    •It worked fine on my machine: Use service virtualization to create production-like test environments in minutes
  • Using Chef Compliance to Secure your Servers Using Chef Compliance to Secure your Servers Joe Gardiner, Field Solutions Architect, Chef Recorded: May 20 2016 33 mins
    Chef Compliance lets you express your compliance rules as code. You can easily run those rules as tests whenever you want. You get immediate feedback on whether your servers are configured as they should be.

    Chef Compliance scans your servers to see if they are configured in accordance with your rules and generates a report that identifies the issues it found. You can then use Chef to remediate those problems.

    In this webinar, Joe Gardiner will demonstrate how Chef Compliance works by scanning a default installation of RHEL 7.0 on the public cloud to see if it is CIS compliant. After the scan identifies the problem areas, Joe will use Chef to bring the server in line with the CIS benchmarks.

    You’ll also learn about an offer from Chef to help you perform a scan of your infrastructure and get you started on the road to compliance.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: 6 Ways to Build an Insecure Mobile Application
  • Live at: Aug 1 2013 7:25 pm
  • Presented by: Daniel Miessler, Principal Security Architect
  • From:
Your email has been sent.
or close
You must be logged in to email this