ViewTube

ViewTube
Sign inSign up
Skip

Recommended videos

NDC Conferences
Application security from start to finish - Michael Kaufmann - NDC Porto 2022
45:56
Application security from start to finish - Michael Kaufmann - NDC Porto 2022

8,010 views

1 year ago

IBM Technology
Explained: The OWASP Top 10 for Large Language Model Applications
14:22
Explained: The OWASP Top 10 for Large Language Model Applications

14,919 views

8 months ago

OWASP Foundation
Cutting to the chase: Security Design and Guidance at scale
30:50
Cutting to the chase: Security Design and Guidance at scale

1,077 views

3 months ago

University of South Australia
2014 Three Minute Thesis winning presentation by Emily Johnston
3:19
2014 Three Minute Thesis winning presentation by Emily Johnston

5,247,410 views

9 years ago

Show more

Refactoring Mobile App Security

90 views

0

Channel image

OWASP Foundation

64K subscribers

Mon, 29 Jan 2024 00:00:00 GMT
Share

Tags

owasp

appsec

Slides: https://static.sched.com/hosted_files/owasp2023globalappsecwashin/20/OWASP%20AppSec%20US%202023%20-%20Refactoring%20Mobile%20App%20Security.pdf In this talk we will present the new iteration of the OWASP MASTG v2, including brand new MAS profiles (previously known as “levels”), news about automation and “compliance as code”, and a walkthrough of some of the new “atomic tests”. Since 2016, when the OWASP MASVS and MASTG became part of the OWASP universe, many contributions have been made by 100s of people, making it the de facto “industry standard for mobile app security”. Acknowledging the changes in the industry, the first major refactoring of MASVS was done between 2021 and early 2023 to bring it to v2 and address the limitations identified during real-world pentest engagements. To complement this, we have started refactoring the MASTG test cases to align them with the new controls and to make them more automation-friendly. Want to secure your mobile apps? See you there! Carlos Holguera NowSecure Mobile Security Research Engineer Carlos is a mobile security research engineer and one of the two leaders of the OWASP Mobile App Security (MAS) project who has gained many years of hands-on experience in the field of security testing for mobile apps and embedded systems such as automotive control units and IoT devices. He is passionate about reverse engineering and dynamic instrumentation of mobile apps and is continuously learning and sharing his knowledge. Sven Schleier Crayon Principal Security Consultant Sven is living in Austria and a Principal Security Consultant at Crayon, specialised in Cloud Security. He has extensive experience in offensive security engagements like Penetration Testing and Application Security by supporting and guiding software development projects for Mobile and Web Applications during the whole SDLC to build security in from the start. Besides his day job Sven is one of the core project leaders and authors of the OWASP Mobile Application Security Testing Guide (MASTG) and OWASP Mobile Application Security Verification Standard (MASVS) and has created the OWASP Mobile Hacking Playground. Sven is giving talks and workshops about Mobile Security worldwide to different audiences, ranging from developers to students and penetration testers. Managed by the OWASP® Foundation https://owasp.org/

0 Comments