Originally presented September 17, 2019 at the OWASP Bay Area Meetup
Mobile Security Analyst Tony Ramirez shares foundational concepts and actionable takeaways for folks who want to get started with mobile app security testing.
A storm of mobile app security and privacy issues continues to intensify, while the skills gap worsens. Security professionals have discovered that web app security practices don’t cut it for mobile. Because the tools and methodologies differ, it’s time for practitioners to learn some new skills leveraging the OWASP Mobile Project resources and patterns found testing thousands of mobile apps. In this talk, you’ll learn how to crawl, walk, then run in mobile app security testing, with an end goal of having all the tools and knowledge necessary to become a mobile appsec expert. Ultimately, all mobile appsec experts have to start somewhere. If you start off on the right foot, there’s no telling what vulnerabilities you may uncover and how your career can grow.