Service2Media builds highly secure Apps using a holistic approach that combines a secure and well structured development environment with the application of the latest security techniques. The result is Apps of Steel. This webinar will explain what we have done, how we work and what we could do for you.
What you will take-away from this webinar:
Understand the key security issues and their affect on the market for mobile App solutions
Why a secure and well structured App Platform is a better way to build Secure Apps
The capabilities we have incorporated into the platform that make the Apps we deliver more secure
How to use our platform and services to build your own App portfolio based on this solution
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
Webinar Security: Apps of Steel
1. SECURITY WEBINAR
APPS OF STEEL
Martin Gandar Derk Tegeler
Strategic Marketing Director Security Director
2. AGENDA
• State of mobile security
• Mitigation strategies
• Security by design
• Software development
• M2Active™, the App Lifecycle Platform
3. STATE OF
MOBILE SECURITY
• Software on the move
• The mobile operating system
• The apps and the stores
• The software distribution
problem
• Malware
4. MOBILE SECURITY:
NETWORKS
• Networks
• Control
• The need for encryption against
MITM attacks
– Telephone networks
– Public Wi-Fi hotspots
– rogue access points
• Issues with DNS
• Issues with the Public Key
Infrastructure (PKI)
5. MITIGATION
STRATEGIES
• Accountability in business processes
• Budget
• Risk analysis
• Risk = impact*likelihood
• Information classification and protection
rules per class for:
• Transmission, Storage & Processing
• Multiple information transmission channels
• Awareness of known vulnerabilities
6. SECURITY
BY DESIGN
• Information classification
• Risk analysis
• Threat modelling
• Dependencies
• Use several security levels
• Good key management
7. SOFTWARE
DEVELOPMENT
• Secure coding standards
• Defensive programming
• Don’t leak!
• Document: in the code, release notes
and all other documentation.
• Collaborative development
• Maintenance
• Code transfers
• The App lifecycle
8. THE APP
LIFECYCLE
PLATFORM ™
- Encrypted object code providing
integrity and confidentiality of the
software package
- API’s
- Secure Coding Standards giving our
partners a strong basis
- Templates, best practices and code
snippets
9. M2ACTIVE
API’S
- API’s:
- Authentication Manager
- Crypto / cryptographic
functions:
- Base64 encoding and decoding
- SHA-1 and SHA-256 hashing
- AES encryption and decryption
- Key generation algorithms
- HTTPS support, including
OAUTH
10. THANK YOU FOR
YOUR TIME
NEXT WEBINAR:
18th OF JUNE:
ORGANIZING FOR
ENTERPRISE APP
PORTFOLIOS
11. SECURITY WEBINAR
APPS OF STEEL
Martin Gandar Derk Tegeler
Strategic Marketing Director Security Executive
mgandar@service2media.com dtegeler@service2media.com
0044 7770 366 566 0031 6 16 47 29 52