- Overview of Mobile Application Security
- Authentication and Authorization for iOS/Android Mobile Devices
- Data Protection for Android
- Validation and Encoding for Android
- Introduction to Web Application Security
- Secure Coding
for Java - Secure Coding
for .NET - Threat Modeling
- Software Security Remediation Basics
- CSRF Explained
Validation and Encoding for Android
Course Duration: 30 minutes
Intended Audience: Mobile Application Developers, Software Developers, Security Professionals, Penetration Testers
This self-paced, e-Learning course provides an overview of best practices for input validation and output encoding on the Android platform. This course continues the ThreadStrong Topics in Mobile Application Security series, which will provide a deeper look into the security issues surrounding mobile devices.
Input validation and output encoding can help ensure that data and networks are kept secure. By understanding the various methods of exploit, mobile developers can help prevent such attacks. This course will help attendees understand how to validate and encode information on the Android platform.
Lesson 1: Protection Against Injection
Course Objectives: After completing this lesson, you should be able to:
- Understand how lack of input validation can be exploited
- Explain how to encode untrusted data for display
Lesson 2: Validating Data in Interprocess Communications
Course Objectives: After completing this lesson, you should be able to:
- Describe the methods Android provides for interprocess communications (IPC)
- Understand the best practices for securing IPC’s
Lesson 3: Validating Data from Third-Party Web Services
Course Objectives: After completing this lesson, you should be able to:
- Explain how enterprise web services can be exploited
- Describe the impact of not using customer permissions
What Is ThreadStrong?
ThreadStrong is a self-paced, e-Learning solution designed by Denim Group's secure application development experts to help developers understand and apply the principles of secure design and coding.
ThreadStrong combines the hands-on knowledge of working software developers with the experience of world-sought trainers, who use best practices to provide practical and in-depth application security training content. Read more >>
Learn More About ThreadStrong
On-Site Training Available
If e-Learning is not the best solution for your training needs, the creators of ThreadStrong also offer application security training in classroom format.
"ThreadStrong's focus on mobile application training significantly increased its value and appeal and will help Sabre's development teams stay ahead and respond quickly to new needs in the mobile space."