Silicon Valley Code Camp : October 3rd and 4th 2015
Sam Bowne
City College San Francisco
About Sam
Sam Bowne has been teaching computer networking and security classes at CCSF since 2000. He has given talks at CodeCamp, DEFCON, BayThreat, LayerOne, and Toorcon, and taught classes and seminars at many other schools and teaching conferences.
He has a Ph.D. and a CISSP and a lot of other certifications, and a lot of computers and cables and firewalls and stuff.
It's easy to audit Android app security, and very important, because most of them have one or more of the OWASP Mobile Top Ten Risks. I tested the top ten US bank apps, stock trading apps, and insurance apps, and 70% of them were insecure. I'll demonstrate several real vulnerable apps, and show how to find SSL validation failures and how to add Trojan code to a vulnerable app to create a Proof-of-Concept. Complete instructions for all these tests are available free at samsclass.info.