95% OF MOBILE APPS FAIL THE OWASP MASVS INDUSTRY STANDARD FOR MOBILE SECURITY FINDS NOWSECURE INDUSTRY BENCHMARK

Major mobile app security gaps place millions of mobile app users at risk, demonstrating that current security and privacy methods are not working and change is needed to protect the consumer.

Media Announcement
95% OF MOBILE APPS FAIL THE OWASP MASVS INDUSTRY STANDARD FOR MOBILE SECURITY FINDS NOWSECURE INDUSTRY BENCHMARK 95% OF MOBILE APPS FAIL THE OWASP MASVS INDUSTRY STANDARD FOR MOBILE SECURITY FINDS NOWSECURE INDUSTRY BENCHMARK Show More
magnifying glass icon

Pau Oliva Fora

Former Mobile Security Engineer at NowSecure

Pau is a mobile security engineer, co-author of the “Android Hacker's Handbook,” and speaker at a variety of security conferences including DEF CON, RSA, RootedCon, NoConName, and OWASP.

Defeating SEAndroid – DEFCON 21 Presentation

viaForensics Sr. Mobile Security Engineer Pau Oliva (@pof) took the stage at DEFCON 21 this year to present “Defeating Security Enhancements (SE) for Android.” NOTE: We have posted videos and links to the PoC code for two of Pau’s demos in a separate blog. From his abstract:

Security Enhancements for Android (SEAndroid) enables the use of SELinux in Android in order to limit the damage that can be done by malicious apps, trying to make exploitation harder. Some OEMs are trying hard to implement extra mitigations in their devices, especially those aiming to reach the enterprise market. We will present some issues that are found in devices currently implementing SEAndroid, and demonstrate how vendors FAIL in properly implementing SEAndroid protection.