NowSecure Launches GovAppDB™ and Threat Assessment Service to Support New Federal Mandates for Mobile Security and Privacy

The solution suite enables agencies to quickly access security threat reports, vulnerability information and SBOMs for commercial mobile app supply chain to support federal tracking and reporting mandates from EO, CISA OMB and DoD

NowSecure Launches GovAppDB™ and Threat Assessment Service to Support New Federal Mandates for Mobile Security and Privacy NowSecure Launches GovAppDB™ and Threat Assessment Service to Support New Federal Mandates for Mobile Security and Privacy Show More
magnifying glass icon

Pau Oliva Fora

Former Mobile Security Engineer at NowSecure

Pau is a mobile security engineer, co-author of the “Android Hacker's Handbook,” and speaker at a variety of security conferences including DEF CON, RSA, RootedCon, NoConName, and OWASP.

Defeating SEAndroid – DEFCON 21 Presentation

viaForensics Sr. Mobile Security Engineer Pau Oliva (@pof) took the stage at DEFCON 21 this year to present “Defeating Security Enhancements (SE) for Android.” NOTE: We have posted videos and links to the PoC code for two of Pau’s demos in a separate blog. From his abstract:

Security Enhancements for Android (SEAndroid) enables the use of SELinux in Android in order to limit the damage that can be done by malicious apps, trying to make exploitation harder. Some OEMs are trying hard to implement extra mitigations in their devices, especially those aiming to reach the enterprise market. We will present some issues that are found in devices currently implementing SEAndroid, and demonstrate how vendors FAIL in properly implementing SEAndroid protection.