Imagine waking up to the realization that the personal data of millions of your users is being leaked. A minor oversight in an app can lead to major reputational damage. We all know the horror stories, but few app developers can explain what parts of their app are actually at risk.
In this talk, we want to turn these horror stories into learning opportunities. Let’s take a deep dive into the cookbook of an attacker. What angles are malicious users of your app looking from? What did the actual exploited source code look like? What does a typical exploitation process look like?
We will also look at the different ways the mobile industry is trying to protect itself against these attacks. Acronyms like OWASP, MASVS, and MASA are nice, but do they really spoil the appetite of an attacker?
We’ll explain what we at Guardsquare see as the next step in mobile application security, and how you can both contribute to this and benefit from it today.