Android Security Professional

Who should attend?

This course is focusing on Security Enthusiasts, IT professionals, and Mobile Application Developers seeking to understand typical mobile application security issues in detail.

Mobile Security Fundamentals
  • Mobile device overview
  • Android Architecture and Security Models
  • Mobile OWASP Top 10
  • Mobile Application Threat modeling
  • BYOD guidelines
Reverse Engineering and Static Analysis
  • Reversing APK
  • Analyzing permissions
  • Static code review
    • Hardcoded information
    • Log Review
    • Race Condition
    • Insecure coding practices
    • Improper coding practices
    • Malware analysis
    • Weak encryption / encoding
Dynamic Analysis
  • Installing SSL certificate
  • Session related vulnerabilities
  • Business logic vulnerabilities
  • Transport layer security implementations
  • Privilege escalations
  • Injection attacks
  • Weak encryption / encoding
  • Authorization / Authentication checks
  • Weak server-side controls
Binary Protection
Sqlite Analysis
Network Analysis
Secure Mobile Application Development Guidelines