Knowledg

Mobile App Security+ Android Edition

Android™ app development is a valuable skill set for a programmer today. An important part of that skill set is the ability to create apps that protect you, your users, and your users’ organizations from attack. In this 3 day instructor-led course, you will learn why it is critical to build security into your Android apps, how to improve your programming processes to promote security, and how to provide countermeasures for the numerous threats to which an Android app and its users are exposed.

Lesson 1: The Rationale for Android App Security

Topic A: Identify the Need for Security Topic B: Identify Security Requirements and Expectations Topic C: Include Security in Your Development Processes Topic D: Identify Your Approach to Risk Management

Lesson 2: The Android Security Architecture

Topic A: Strengths and Weaknesses of the Android Security Architecture Topic B: The Android Permissions Model Topic C: Android Vulnerabilities

Lesson 3: Employing Secure Mobile App Development Strategies

Topic A: Follow App Security Best Practices Topic B: Design for Security Topic C: Write Secure Objective-C Code

Lesson 4: Accessing Local Processes and Devices Securely

Topic A: Select Countermeasures for Local Threats Topic B: Implement Secure Access of Local Processes and Hardware

Lesson 5: Securing Data Through Encryption

Topic A: Select Countermeasures for Threats to Cleartext Data Topic B: Implement Encryption

Lesson 6: Accessing Local Storage Securely

Topic A: Identify Countermeasures for Local Storage Threats Topic B: Implement Secure Access of Local Storage

Lesson 7: Communicating with Networks and Web Services Securely

Topic A: Identify Countermeasures for Networking Threats Topic B: Implement Secure Network Communication

Lesson 8: Using the WebView Component Securely

Topic A: Identify Countermeasures for WebView Component Threats Topic B: Implement WebView Security

Lesson 9: Protecting Credentials in Storage and Transit

Topic A: Identify Countermeasures for Threats to Credentials Topic B: Implement Secure User Authentication

Lesson 10: Hardening Apps Against Attack

Topic A: Identify Countermeasures for Reverse Engineering Threats Topic B: Harden an App