Managing Vulnerabilities in Mobile Applications

Rafe Pilling,
Mobile applications can give organisations innovative and compelling ways to interact with their customers, employees and partners. However, mobile apps can increase security and compliance risks by increasing the attack surface for hackers or by inadvertently creating a risk of unauthorised access and data loss.

This webcast will examine the mobile application threat landscape and emerging trends. Rafe Pilling, Head of Security Testing at Dell SecureWorks, will discuss how to build a secure mobile application development lifecycle and present best practice for mobile application security testing.

Mobility is here to stay, so ensure that you are ahead in managing the risks so you can say “yes” to your organisation’s wants .
May 30 2012
45 mins
Managing Vulnerabilities in Mobile Applications
Join us for this summit:
More from this community:

IT Security

Webinars and videos

  • Live and recorded (4558)
  • Upcoming (135)
  • Date
  • Rating
  • Views
  • Channel
  • Channel profile
Up Down
  • The modern CISO: Standing out from the crowd Jun 12 2014 11:00 am UTC 60 mins
    The role of the Chief Information Security Officer (CISO) has grown in complexity and magnitude with hacker based activity, cloud computing, and work-from-anywhere initiative only adding to the dilemma. New privacy regulations, social media and BYOD have added further challenges and put additional strains on compliance…

    Information security is becoming more and more vital to organisations in this ever changing landscape, with the role of the CISO now more important than ever. The education and preparation of the cyber security leaders of today must keep pace with this change.

    During the webcast, Hadi Hosn, Senior Solutions Architect at Dell SecureWorks, will provide expertise and practical advice as well as real world examples from those that have lived and breathed the role of the CISO.

    Key topics discussed:

    •Succeed as an effective CISO/Director of Security/Head of Information Security

    •Improve and validate your skills

    •Be recognised as an industry leader and stand out from the crowd
  • The value of a security partnership: Engaging at the right level May 8 2014 11:00 am UTC 60 mins
    The remit of information security has grown to encompass all aspects of an organisation. It is no longer just a question of IT security. CISOs now need to understand the risks faced by their organisation, where security fits into every business process, and bridge the gap between technical and business stakeholders.

    As the remit has broadened, the need for insightful assistance has deepened, from help defining organisation-wide security strategy and metrics down to monitoring of individual log events, with policy, compliance, architecture, intelligence, incident response and end user security training in between.

    Chris Yule, Senior Security Consultant at Dell SecureWorks, will discuss how a security partner that can deliver at all levels of the security stack allows for a greater understanding of your organisation, which ultimately delivers better intelligence-led security.

    Key topic outlined:

    •Evolving from a traditional MSS-focused client/vendor approach to a security partnership
    •Examples of successful operating and engagement models
    •Delivering value and results to your organisation
  • POSitive Thinking: Detecting and Preventing Point of Sale (POS) Malware Attacks Recorded: Apr 3 2014 52 mins
    Malware targeting Point of Sale (POS) terminals has been exploited by eCrime operators for a number of years but has recently been catapulted to the forefront of industry attention with a number of high-profile breaches. Properly executed, a malware attack on POS terminals can reap huge volumes of credit card numbers in a short space of time without resorting to low-rate of return strategies involving large phishing campaigns. Due to its low risk/ high reward nature, this type of attack is only likely to become more popular with eCrime operators.

    In the session Rafe Pilling, Counter Threat Unit Special Operations, will look at the nature of the POS malware threat and how it can be defeated through proper application of threat intelligence.

    What will attendees learn:

    * A potted history of POS malware

    * What does the POS malware threat landscape look like?

    * Effective use of threat intelligence to detect and prevent POS malware attacks.
  • Building an Effective Security Operation Centre Recorded: Mar 13 2014 48 mins
    Security Operation Centres (SOCs) act as the nerve centre of an organisation providing real-time alerts, security intelligence and reports to act against internal and external threats. SOCs often use multiple event monitoring tools, ticketing systems and workflow solutions and as a result, building an effective SOC still remains a challenge for most organisations.

    How do organisations choose a security monitoring solution that gives optimal asset coverage and at the same time address the evolving threat landscape and compliance requirements? How can organisations demonstrate the value of SOC investment to board level stakeholders? How do organisations choose the correct operating model (outsource, in-source, and hybrid) to run and maintain a SOC?

    Sandip Wadje, Practice Leader for SOC Consulting at Dell SecureWorks, will help answer these questions and provide pragmatic next steps to rolling out an effective SOC.

    Key Webcast Topics and Takeaways:

    •The blueprint for an effective SOC
    •SOC tools and integration
    •Metrics and reporting
    •Choosing the right operating model
  • Securing the Extended Enterprise Recorded: Jan 24 2014 44 mins
    Join the latest Dell SecureWorks webcast to learn more on how to effectively secure the extended enterprise.

    The modern enterprise is operating in a hybrid world with data residing inside and outside the organisation; blurring boundaries of responsibility and challenging traditional security strategies. Whilst the complexity of the IT environment is increasing, so is the hostility of the cyber threat landscape.

    How do organisations remain agile and embrace innovation whilst dealing with increasingly sophisticated threats that are looking to exploit any weak points in the extended enterprise?

    This webcast will cover:

    •The latest intelligence from cyber threat researchers in the Counter Threat Unit

    •Security strategy considerations for the move to cloud computing

    •Practical steps for retaining control and reducing risk across the extended enterprise
  • Disrupting Malware Assisted Online Fraud Recorded: Nov 7 2013 47 mins
    E-banking trojans are a core component of a sophisticated and distributed criminal enterprise that routinely and efficiently targets online banking clients. Dell SecureWorks are an industry leader in e-Banking malware research and work with our clients on a daily basis to help them address this threat. In this workshop we will explore:

    •The threats posed by e-Banking malware; both to financial services organisations and their customers

    •The e-Crime “Cloud Services” model

    •Some of the advanced mechanisms employed to perpetuate online fraud

    •Effective mitigation strategies and countermeasures that work in the real world
  • EU Data Protection and Partnering with MSSPs: Debunking the Myths Recorded: Oct 23 2013 49 mins
    Managed Security Service Providers (MSSPs) provide enhanced security measures, expertise and awareness and enable organisations to make efficient use of their resources. However, organisations often feel they are stuck between a rock and a hard place when it comes to the EU Data Protection law and partnering with a MSSP.

    This webcast, delivered by experts from Dell SecureWorks and legal firm Field Fisher Waterhouse LLP will help clarify some of the common ‘myths’ regarding the intent of the law and how this affects working with a MSSP.

    Key webcast topics include:

    •Using third parties to process personal data

    •Transferring data outside the EU

    •Using cloud-based services

    •Local law enforcement access to data (e.g. by US authorities under the Patriot Act)
  • PCI 3.0: Go Forth and Comply Recorded: Oct 9 2013 30 mins
    The new Payment Card Industry Data Security Standards (PCI DSS) guidelines encourage organisations to focus on security rather than compliance in order to mitigate some of the most frequently seen risks that have precipitated cardholder-data compromise.

    Our latest webcast, delivered by Dell SecureWorks PCI expert, Ron Kiss, focuses on the proposed changes to the standard and how it could affect your organisation when they come into play on 1st January 2014.

    Key webcast topics include:

    •Version 2.0 to 3.0 – what are the changes?

    •A security approach to compliance rather than compliance approach to security

    •Pragmatic advice on what the next steps should be for your organisation
  • The Cyber Threat Landscape: Reloaded Recorded: Oct 3 2013 48 mins
    Join this Dell SecureWorks webcast to learn more about the latest security threats which could impact your organisation.

    During this webcast, Technology Director, Don Smith, will present intelligence gleaned from the Dell SecureWorks Counter Threat Unit (CTU). He will discuss the rise of advanced persistent threats, and how the security threat landscape is evolving and what you can do to keep pace.

    What are the motives of the threat actors, and what could make your organisation a target? Don will provide pragmatic advice on what you can do to protect your critical information assets and reduce the risk.
    Key webcast topics include:

    •The latest intelligence from the Dell SecureWorks Counter Threat Unit on cyber threats and what your organisation should really be concerned about?

    •The changing threat landscape and the rise of advanced persistent threat

    •The key threat actors and their motives

    •Pragmatic advice on what you can do to protect your organisation.
  • Building a Successful PCI Programme in a Complex Cloud Environment Recorded: Aug 29 2013 23 mins
    The use of Cloud Computing technology has seen a recent spike in popularity with spend estimated at 25% of all annual IT expenditure growth in 2012 and nearly a third of growth in 2013. With the efficiencies it provides, businesses are clambering to find ways of leveraging its advantage for all types of online business functions, including processing card payments. However, unambiguous information on the Payment Cards Industry (PCI) compliance implications of this new technology are unclear for organisations moving to the cloud.

    This has resulted in much confusion of what compliance means for business and assessors alike. In February this year, the PCI SSC published the Cloud Computing Information Supplement with provides a greater level of clarity for businesses and assessors alike.

    Ron Kiss, Senior Consultant At Dell SecureWorks, will discuss how to incorporate what has been learned from the Information Supplement into a successful PCI program for your organisation’s and its complex cloud environment.

    Key webcast topic include:

    •The rise and rise of cloud and common challenges facing organisations

    •Clarifying the Cloud Computing Information Supplement and how it affects you

    •Building a successful PCI programme tailored for your cloud environment

    Ron Kiss

    Ron Kiss is a Principal Consultant within the Security, Risk and Compliance team at Dell SecureWorks. In his current and past roles, Ron has conducted both PCI-DSS and PA-DSS assessments in Europe and overseas. He brings a wealth of experience in assessing Merchants, Service Providers and Payment Applications from a range of industries such as Retail, Airlines, and Finance. 
  • Complex Security Incident Investigation: Lessons Learned Recorded: Jul 3 2013 45 mins
    Join this webcast for insight into recent security breach investigations from the Dell SecureWorks Counter Threat Unit (CTU).

    Dell SecureWorks responds to thousands of incidents on a daily basis with the CTU investigating the most serious of these. Join this session for pragmatic advice based on real-world examples, to help ensure your organisation is better prepared for a security breach.

    This webcast will cover:

    •Critical mistakes Dell SecureWorks has encountered in real-world cases
    •Maximising the value of current controls at no extra cost
    •How to avoid potentially disastrous security lapses

    Rafe Pilling, Counter Threat Unit EMEA

    Rafe Pilling is a security expert working for the EMEA Counter Threat Unit. Rafe has significant experience in incident response and digital forensics from his background as a Senior Consultant within the Dell SecureWorks Consulting firm.

    The Dell SecureWorks Counter Threat Unit research team monitor the cyber underground and watch for emerging threats. Monitoring and analysing over 50 billion events a day, their unparalleled visibility into the global threat landscape helps protect thousands of organisations worldwide.
  • The cloud: Shaking up your security Recorded: Apr 25 2013 44 mins
    More and more organisations are turning to cloud computing to solve their biggest technology and business challenges. By this stage, most of us are aware of the many benefits cloud has to offer: lower hardware and IT costs, ease of management and increased agility, to name a few. Yet when it comes to security, cloud is not a silver bullet. In fact, according to the Cloud Security Alliance, security is cited as the number one barrier to adoption of cloud services among organisations.

    During this webcast, Mark Wood, Director of Product Management at Dell SecureWorks, will discuss some of the prevalent security risks which exist when moving to the cloud and how this affects the traditional approach to security.

    This webcast will address the following key themes:

    •The security impact of different cloud models and minimising risk in a multi-tenant environment
    •Sharing the security burden and establishing an effective relationship with your cloud provider.
    •Staying one step ahead of the evolving compliance landscape.

    Mark is responsible for managed security for cloud services at Dell SecureWorks. He has more than 25 years of experience in the technology community as a software engineer, a sales engineer, a start-up owner and a product manager.

    Previously, at Cloud Sherpas, a solutions provider focused on migrating organizations to Google Apps, Mark was responsible for product strategy, lifecycle management and optimizing existing products. He has also worked in marketing and product management at a number of leading technology companies, including nCircle, Internet Security Systems (ISS) and AT&T Bell Laboratories.

    Mark holds a Bachelor of Science degree in computer science from Duke University and a Master of Science degree in computer science from Georgia Institute of Technology.
  • Advanced incident response: Are you prepared Recorded: Apr 9 2013 45 mins
    How prepared are you for a data breach? With the threat environment growing more complex, and the rise in advanced and targeted attacks, how does your response plan hold up? Threat actors have have changed their tactics; so must you.

    This webcast will examine how to develop a robust incident response plan, which takes into account the changes in the threat landscape. Lee Lawson, Solution Architect at Dell SecureWorks, will discuss new approaches to identify advanced threats earlier, and how to go beyond responding to the most obvious symptoms of an attack, to understanding the full extent of the breach and what has been compromised.

    This webcast will address the following key themes:

    •Security breaches Dell SecureWorks has seen across its global customer base, from advanced and targeted threats
    •Developing an incident response plan which takes into account the complex threat landscape
    •Getting the necessary visibility into your network to enable you to spot advanced threats early and understand the true scale of the attack.
  • Advanced persistent threats: The threat is real Recorded: Mar 21 2013 43 mins
    Advanced Persistent Threats are more than media hype. Dell SecureWorks has seen a significant increase in stealthy activity targeting specific intellectual assets.

    Rafe Pilling, Counter Threat Unit EMEA, will provide the latest intelligence on Advanced Persistent Threats, using real-world examples; and provide pragmatic advice on what you should be doing now to protect your organisation.

    Security strategies and tactics must evolve in light of the growth in APT attacks; how do you find and stop advanced threats before they become serious breaches?

    This webcast will address the following key themes:

    •The latest tools and techniques that advanced threat actors are using
    •Real-world examples of successful APT attacks
    •Best practice for preventing and responding to APTs

    Rafe Pilling is a leading information security expert who works as a Researcher in the Dell SecureWorks Counter Threat Unit (CTU). Leveraging Dell SecureWorks' global threat visibility across thousands of customer networks, proprietary toolsets and unmatched expertise, the Dell SecureWorks CTU security research team performs in-depth analysis of emerging threats, including Advanced Persistent Threats.
  • Risk assessment and threat identification: Guidance on PCI requirement 6.2 Recorded: Mar 6 2013 25 mins
    Merchants are now required to have a process in place to identify and risk rank newly-discovered vulnerabilities in order to be PCI compliant. The intent is to ensure that businesses proactively seek information on new vulnerabilities that might affect their systems, and not simply wait for vendor updates and patch announcements that could come weeks, months or even years after vulnerabilities are discovered.

    During this webcast, Ron Kiss, Principal Consultant at Dell SecureWorks, will address the following key themes:

    •Integrating requirements introduced this year on ranking identified vulnerabilities that can compromise your cardholder data
    •Risk ranking frameworks and what processes to put in place for categorising threats and working within your risk assessment process
    •Using threat intelligence to increase protection of the business and provide real value

    Ron Kiss is a Principal Consultant within the Security, Risk and Compliance team at Dell SecureWorks. In his current and past roles, Ron has conducted both PCI-DSS and PA-DSS assessments in Europe and overseas. He brings a wealth of experience in assessing Merchants, Service Providers and Payment Applications from a range of industries such as Retail, Airlines, and Finance. 
  • You’re the one that they want: Targeted threats and you Recorded: Feb 28 2013 37 mins
    The rise in targeted threats means that IT security teams must move beyond a general understanding of the threat landscape, to a detailed understanding of their own context and the ability to spot threats targeted at their specific organisation.

    What different techniques should you use as a threat evolves from malicious talk in public forums and social media sites, through to more formulated threats, planning stages, and attack stages? In a world of information-overload and an explosion in communication channels, how do you sift through the noise and identify true threats to your business?

    During this webcast, Lee Lawson, Solutions Architect at Dell SecureWorks, will address the following key themes:

    •The challenges faced by organisations from the rise in targeted threats
    •Limitations of security processes in protecting from targeted threats
    •How to gain early visibility into the threats targeting your particular organisation

    Lee Lawson is the Solutions Architect for Security and Risk Consulting Services at Dell SecureWorks EMEA. In this role he is in charge of envisioning and creating combinations of new and existing services to solve the most unique and difficult customer problems. His past experience was as a Principal Consultant managing the EMEA Security Testing and Response team responsible for all adversarial-testing services such as penetration testing, social engineering and physical intrusions, and all responsive services such as digital forensics and security incident response/handling. This background has provided him with a deep knowledge of the subject having led complex and challenging projects for customers in all industries.
  • Dell SecureWorks Q&A Series: A False Sense of Security? Recorded: Oct 19 2012 12 mins
    First instalment of security Q&A sessions on whether organisations are operating under a false sense of security with the current measures they have in place.
  • Dell SecureWorks Advanced Persistent Threats Series Recorded: Sep 24 2012 16 mins
    Don Smith, Dell SecureWorks Technology Directors, discusses Advanced Persistent Threats (APT) and provides fascinating inisght into the topic, including:

    •Who are the APT threat actors and what are their objectives?
    •What tools and techniques are the hacker groups and cyber-criminals are utilising
    •Common attributes of the Advanced Persistent Threat
    •Trends and patters of APT gleaned from the Dell SecureWorks coalface
    •Who is being targeted by APT and why?
    •What measures and controls should organisations be implementing to combat APT
    •The importance of a robust Incident Response Plan
  • Advanced Persistent Threats: The Threat is Real Recorded: Sep 12 2012 41 mins
    Advanced Persistent Threats are more than media hype. Dell SecureWorks has seen a significant increase in stealthy activity targeting specific intellectual assets, and has been involved in investigating and responding to attacks from APT threat actors.

    During this webcast, Don Smith, Technology Director at Dell SecureWorks, will discuss real-world examples of APT attacks and how to best protect your organisation.
  • Security Leadership Interview Series on Advanced Threats: Question #4 Recorded: Sep 6 2012 11 mins
    What do you feel are the three most important elements of your incident response plan for your organization? Do you respond differently if it is an advanced threat?
Webcasts from the Dell SecureWorks Team
Dell SecureWorks is relentlessly driven to protect the integrity of the world's digital assets against cyberthreats. We do that with intelligent defences that combine our proprietary technology, global threat visibility and deep expertise. We are 100% focused on information security – it's all we do. That's why we are trusted by thousands of customers. Dell SecureWorks offers a full suite of Managed Security, Threat Intelligence and Security and Risk Consulting services.

Dell SecureWorks is positioned in the Leaders Quadrant of Gartner's Magic Quadrant for MSSPs and has been recognised by SC Magazine’s readers with the “Best Managed Security Service” award for 2006, 2007, 2008, 2009, 2011 (U.S. and Europe) and 2012. Additionally, our experts frequently provide authoritative information security commentary in major media outlets including the New York Times, The Wall Street Journal, The Financial Times, USA Today, The Guardian and many others.
Try a powerful marketing platform for your videos and webinars. Learn more  >

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Managing Vulnerabilities in Mobile Applications
  • Live at: May 30 2012 11:00 am
  • Presented by: Rafe Pilling,
  • From:
Your email has been sent.
or close
You must be logged in to email this