Build hybrid mobile applications like a security pro!

Presented at BSidesLV 2023, Aug. 8, 2023, 10:30 a.m. (45 minutes)

Hybrid mobile applications, unlike native ones, primarily function through a set of external, generally open source, libraries that help access the mobile operating system's native capabilities. But what does this mean in terms of security? Mobile applications come with their own set of security loopholes and attack vectors. Does this approach pose new challenges or exacerbate existing ones? In this talk, instead of discussing a known set of secure libraries, the attendees will understand the mobile threat model and learn how to vet a library by themselves.

Presenters:

• VINEETA SANGARAJU
  Vineeta is a senior research engineer at Synopsys. She evaluates current technologies, frameworks and languages in the industry to identify methods of using them securely. Her research contributes to static analysis solutions that influence server-side, mobile, and client-side areas of security. As a software security enthusiast, she obtained her master's degree in Computer Science from Indiana University and found her calling in application security. She has 8+ years of experience in the field and her key interests lie in web and mobile application security. Before diving into research, she was a Consultant where she performed penetration tests and code reviews for clients in the financial and healthcare industries.

Links:

• https://www.bsideslv.org/talks#9T9JVL

Similar Presentations:

• DEF CON 17 (2009) / Is your Iphone Pwned? Auditing, Attacking and Defending Mobile Devices
• AppSec USA 2013 / 2 Day Pre-Conference Training: Securing Mobile Devices & Applications Training
• AppSec USA 2017 / Overcoming Mobile App Security Challenges with DevOps