- Overview of Mobile Application Security
- Authentication and Authorization for iOS/Android Mobile Devices
- Data Protection for Android
- Validation and Encoding for Android
- Introduction to Web Application Security
- Secure Coding
for Java - Secure Coding
for .NET - Threat Modeling
- Software Security Remediation Basics
- CSRF Explained
Overview of Mobile Application Security
Course Duration: 30 minutes
Intended Audience: Mobile Application Developers, Software Developers, Security Professionals, Penetration Testers
This self-paced, e-Learning course provides an introduction to the basic concepts and best practices of secure development for mobile devices, concentrating on Android and iOS. This is the first in our series of Topics in Mobile Application Security courses, which will provide a deeper look into the security issues surrounding mobile devices. Each course will concentrate on a top mobile application vulnerability, using examples from each platform to demonstrate the flaw and approaches to mitigation.
Overview of Mobile Application Security gives a step-by-step guide on how to build a basic threat model for a smartphone application. This threat model is then used as a framework for making better decisions about how to design and build applications as well as how to test the security of existing applications. By understanding how mobile applications are connected to other systems, developers will understand how mobile applications can be vulnerable and sensitive data exposed.
Lesson 1: Overview of Mobile Application Security
Course Objectives: After completing this lesson, you should be able to:
- Understand the mobile universe and the capabilities of mobile devices
- Explain how mobile applications pose different security risks from web applications
Lesson 2: The Mobile Application Threat Model
Course Objectives: After completing this lesson, you should be able to:
- Explain a threat model for mobile applications
- Articulate the risks of a mobile application and how mobile developers can strike a balance between functionality and security
Lesson 3: Threats Facing Mobile Applications
Course Objectives: After completing this lesson, you should be able to:
- Understand the threats inherent in mobile applications
- Understand the capabilities of different development platforms (iOS and Android)
- Understand how to take advantage of mobile capabilities without exposing users to unnecessary risks
What Is ThreadStrong?
ThreadStrong is a self-paced, e-Learning solution designed by Denim Group's secure application development experts to help developers understand and apply the principles of secure design and coding.
ThreadStrong combines the hands-on knowledge of working software developers with the experience of world-sought trainers, who use best practices to provide practical and in-depth application security training content. Read more >>
Learn More About ThreadStrong
On-Site Training Available
If e-Learning is not the best solution for your training needs, the creators of ThreadStrong also offer application security training in classroom format.
"ThreadStrong's focus on mobile application training significantly increased its value and appeal and will help Sabre's development teams stay ahead and respond quickly to new needs in the mobile space."