Top Mobile Security Testing Techniques

Whether we are testing a mobile-only application or the mobile interface to existing software, there are a number of testing challenges that are unique to the mobile platform. In this session we learn how to snoop on the conversation between the mobile and the server, how to impersonate the mobile application, and how to simulate the real-world network conditions that mobile devices experience. We show inexpensive, practical tools that let us do repeatable mobile simulations in a test environment. This session is best for people who have experience testing mobile applications, but want to incorporate security into their mobile testing activities.

Paco Hope (Cigital, UK)

Author of two security books and frequent conference speaker, Paco Hope is a Principal Consultant with Cigital Ltd and has been working in the field of software security for nearly 15 years. Paco helps clients in the financial, retail, and online gaming industries build secure software by performing source code review and architectural risk analysis. He is also a member of an advisory council with (ISC)² and serves as a subject matter expert for the CISSP and CSSLP security certifications.