Mobile Security Assessment
Mobile Security Assessment
Mobile Security Assessment
Mobile Security Assessment
Mobile Security Assessment
Mobile Security Assessment
Mobile Security Assessment
Mobile Security Assessment
Mobile Security Assessment
Mobile Security Assessment
Mobile Security Assessment
Mobile Security Assessment
Mobile Security Assessment
Mobile Security Assessment
Mobile Security Assessment
Mobile Security Assessment

Check these out next

INCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTS
Sylvain Martinez
INCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATION
Sylvain Martinez
2019 NCLGISA Spring Cybersecurity Threats & Trends: Blended Threats and Smart...
2019 NCLGISA Spring Cybersecurity Threats & Trends: Blended Threats and Smart...
Internetwork Engineering (IE)
Últimos retos en el ámbito de la Ciberseguridad: Análisis de amenazas Ciberné...
Últimos retos en el ámbito de la Ciberseguridad: Análisis de amenazas Ciberné...
Cristian Garcia G.
2019 State of Cyber Security Report
2019 State of Cyber Security Report
Mohamed Zaheer Husain
PHISHING PROTECTION
PHISHING PROTECTION
Sylvain Martinez
Ivan dragas get ahead of cybercrime
Ivan dragas get ahead of cybercrime
Dejan Jeremic
Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1
Sylvain Martinez
1 von 16

Mobile Security Assessment

3. Sep 2018
Downloaden Sie, um offline zu lesen
Technologie

A quick look at what you should be considering when assessing the security of a mobile application, looking at an established framework and some of the common tools to get started

Sylvain Martinez

Recomendados

2019 CYBER SECURITY TRENDS REPORT REVIEW2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEWSylvain Martinez1.8K Aufrufe18 Folien
OFFENSIVE IDSOFFENSIVE IDS
OFFENSIVE IDSSylvain Martinez283 Aufrufe17 Folien
Talk1 esc7 muscl-dataprotection_v1_2Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2Sylvain Martinez182 Aufrufe15 Folien
The Art of CTFThe Art of CTF
The Art of CTFSylvain Martinez218 Aufrufe22 Folien
INCIDENT RESPONSE OVERVIEWINCIDENT RESPONSE OVERVIEW
INCIDENT RESPONSE OVERVIEWSylvain Martinez549 Aufrufe15 Folien
VIRTUAL CISO AND OTHER KEY CYBER ROLESVIRTUAL CISO AND OTHER KEY CYBER ROLES
VIRTUAL CISO AND OTHER KEY CYBER ROLESSylvain Martinez382 Aufrufe10 Folien

Más contenido relacionado

Presentaciones para ti(20)

INCIDENT RESPONSE CONCEPTSINCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTS
Sylvain Martinez1.2K Aufrufe
INCIDENT RESPONSE NIST IMPLEMENTATIONINCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATION
Sylvain Martinez5.2K Aufrufe
2019 NCLGISA Spring Cybersecurity Threats & Trends: Blended Threats and Smart...2019 NCLGISA Spring Cybersecurity Threats & Trends: Blended Threats and Smart...
2019 NCLGISA Spring Cybersecurity Threats & Trends: Blended Threats and Smart...
Internetwork Engineering (IE)132 Aufrufe
Últimos retos en el ámbito de la Ciberseguridad: Análisis de amenazas Ciberné...Últimos retos en el ámbito de la Ciberseguridad: Análisis de amenazas Ciberné...
Últimos retos en el ámbito de la Ciberseguridad: Análisis de amenazas Ciberné...
Cristian Garcia G.303 Aufrufe
2019 State of Cyber Security Report2019 State of Cyber Security Report
2019 State of Cyber Security Report
Mohamed Zaheer Husain284 Aufrufe
PHISHING PROTECTIONPHISHING PROTECTION
PHISHING PROTECTION
Sylvain Martinez2.3K Aufrufe
Ivan dragas get ahead of cybercrimeIvan dragas get ahead of cybercrime
Ivan dragas get ahead of cybercrime
Dejan Jeremic942 Aufrufe
Talk1 esc3 muscl-standards and regulation_v1_1Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1
Sylvain Martinez195 Aufrufe
Ict conf td-evs_pcidss-finalIct conf td-evs_pcidss-final
Ict conf td-evs_pcidss-final
Dejan Jeremic656 Aufrufe
DATA LOSS PREVENTION OVERVIEWDATA LOSS PREVENTION OVERVIEW
DATA LOSS PREVENTION OVERVIEW
Sylvain Martinez531 Aufrufe
Ict 2015 saga - cisco cybersecurity rešenja- Viktor VargaIct 2015 saga - cisco cybersecurity rešenja- Viktor Varga
Ict 2015 saga - cisco cybersecurity rešenja- Viktor Varga
Dejan Jeremic851 Aufrufe
NDIA 2021 - solar winds overview and takeawaysNDIA 2021 - solar winds overview and takeaways
NDIA 2021 - solar winds overview and takeaways
Bryson Bort165 Aufrufe
Critical Infrastructure Protection from Terrorist AttacksCritical Infrastructure Protection from Terrorist Attacks
Critical Infrastructure Protection from Terrorist Attacks
BGA Cyber Security3.3K Aufrufe
Detection and Response with Splunk+FireEyeDetection and Response with Splunk+FireEye
Detection and Response with Splunk+FireEye
Splunk1.8K Aufrufe
Cyber Kill Chain Deck for General AudienceCyber Kill Chain Deck for General Audience
Cyber Kill Chain Deck for General Audience
Tom K337 Aufrufe
2015 ISA Calgary Show: IACS Cyber Incident Preparation2015 ISA Calgary Show: IACS Cyber Incident Preparation
2015 ISA Calgary Show: IACS Cyber Incident Preparation
Cimation840 Aufrufe
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
Priyanka Aash1.1K Aufrufe
Porque las Amenazas avanzadas requieren de una Seguridad para Aplicaciones av...Porque las Amenazas avanzadas requieren de una Seguridad para Aplicaciones av...
Porque las Amenazas avanzadas requieren de una Seguridad para Aplicaciones av...
Cristian Garcia G.220 Aufrufe
Cyber kill chainCyber kill chain
Cyber kill chain
Ankita Ganguly3.5K Aufrufe
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
Kaspersky3.4K Aufrufe

Similar a Mobile Security Assessment(20)

INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICS
Sylvain Martinez1K Aufrufe
Augusta gen v presentation adapture v2Augusta gen v presentation adapture v2
Augusta gen v presentation adapture v2
Greg Wartes, MCP28 Aufrufe
INFINITY PresentationINFINITY Presentation
INFINITY Presentation
Cristian Garcia G.1.2K Aufrufe
Cyber Security Services & Solutions - ZymrCyber Security Services & Solutions - Zymr
Cyber Security Services & Solutions - Zymr
ZYMR, INC.203 Aufrufe
Zymr Cybersecurity Zymr Cybersecurity
Zymr Cybersecurity
Zymr Cloud239 Aufrufe
Insecure magazine - 52Insecure magazine - 52
Insecure magazine - 52
Felipe Prado39 Aufrufe
IBM Security Strategy Intelligence,IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,
Information Security Awareness Group2.3K Aufrufe
Lookout Mobile Endpoint Security Datasheet (US - v2.5)Lookout Mobile Endpoint Security Datasheet (US - v2.5)
Lookout Mobile Endpoint Security Datasheet (US - v2.5)
Arnold Bijlsma67 Aufrufe
kaspersky presentation for palette business solution June 2016 v1.0.kaspersky presentation for palette business solution June 2016 v1.0.
kaspersky presentation for palette business solution June 2016 v1.0.
Onwubiko Emmanuel383 Aufrufe
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Scalar Decisions2.4K Aufrufe
How Aetna Mitigated 701 Malware Infections on Mobile DevicesHow Aetna Mitigated 701 Malware Infections on Mobile Devices
How Aetna Mitigated 701 Malware Infections on Mobile Devices
Skycure1.9K Aufrufe
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Skycure1.6K Aufrufe
Tracxn - Enterprise Security Startup LandscapeTracxn - Enterprise Security Startup Landscape
Tracxn - Enterprise Security Startup Landscape
Tracxn12.7K Aufrufe
IRJET- Cross Platform Penetration Testing SuiteIRJET- Cross Platform Penetration Testing Suite
IRJET- Cross Platform Penetration Testing Suite
IRJET Journal21 Aufrufe
vip_day_2._1130_cloudvip_day_2._1130_cloud
vip_day_2._1130_cloud
Nicholas Chia194 Aufrufe
Knowledge brief securonix-ueba-market_2018-spark-matrixKnowledge brief securonix-ueba-market_2018-spark-matrix
Knowledge brief securonix-ueba-market_2018-spark-matrix
Prachi Joshi72 Aufrufe
How We Stopped Being Just Antivirus and Became a Unique Industrial Infrastruc...How We Stopped Being Just Antivirus and Became a Unique Industrial Infrastruc...
How We Stopped Being Just Antivirus and Became a Unique Industrial Infrastruc...
Kaspersky2.6K Aufrufe
finalreportsoarnew (1).pdffinalreportsoarnew (1).pdf
finalreportsoarnew (1).pdf
Firozkumar251 Aufrufe
finalreportsoarnew.pdffinalreportsoarnew.pdf
finalreportsoarnew.pdf
Firozkumar271 Aufrufe
Lessons Learned: Protecting Critical Infrastructure from Cyber AttacksLessons Learned: Protecting Critical Infrastructure from Cyber Attacks
Lessons Learned: Protecting Critical Infrastructure from Cyber Attacks
Mighty Guides, Inc.191 Aufrufe

Más de Sylvain Martinez(13)

INTRODUCTION TO CRYPTOGRAPHYINTRODUCTION TO CRYPTOGRAPHY
INTRODUCTION TO CRYPTOGRAPHY
Sylvain Martinez1.2K Aufrufe
IOT SecurityIOT Security
IOT Security
Sylvain Martinez780 Aufrufe
ARE YOU RED TEAM READY?ARE YOU RED TEAM READY?
ARE YOU RED TEAM READY?
Sylvain Martinez255 Aufrufe
GDPR SECURITY ISSUESGDPR SECURITY ISSUES
GDPR SECURITY ISSUES
Sylvain Martinez178 Aufrufe
Risk on Crypto CurrenciesRisk on Crypto Currencies
Risk on Crypto Currencies
Sylvain Martinez551 Aufrufe
Talk1 esc7 muscl-gdpr_debate_v1_2Talk1 esc7 muscl-gdpr_debate_v1_2
Talk1 esc7 muscl-gdpr_debate_v1_2
Sylvain Martinez194 Aufrufe
Ethical HackingEthical Hacking
Ethical Hacking
Sylvain Martinez248 Aufrufe
INCIDENT HANDLING IN ORGANISATIONSINCIDENT HANDLING IN ORGANISATIONS
INCIDENT HANDLING IN ORGANISATIONS
Sylvain Martinez156 Aufrufe
SOCIAL MEDIA AS A CYBER WEAPONSOCIAL MEDIA AS A CYBER WEAPON
SOCIAL MEDIA AS A CYBER WEAPON
Sylvain Martinez277 Aufrufe
Talk2 esc4 muscl-ids_v1_2Talk2 esc4 muscl-ids_v1_2
Talk2 esc4 muscl-ids_v1_2
Sylvain Martinez764 Aufrufe
Talk2 esc2 muscl-wifi_v1_2bTalk2 esc2 muscl-wifi_v1_2b
Talk2 esc2 muscl-wifi_v1_2b
Sylvain Martinez284 Aufrufe
Talk1 muscl club_v1_2Talk1 muscl club_v1_2
Talk1 muscl club_v1_2
Sylvain Martinez140 Aufrufe
Open Source IDS - How to use them as a powerful fee Defensive and Offensive toolOpen Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Sylvain Martinez471 Aufrufe

Último(20)

Safeguarding - Protecting Your Kafka from Misbehaving Clients with Tom ScottSafeguarding - Protecting Your Kafka from Misbehaving Clients with Tom Scott
Safeguarding - Protecting Your Kafka from Misbehaving Clients with Tom Scott
HostedbyConfluent0 Aufrufe
MirrorMaker: Beyond the Basics with Mickael MaisonMirrorMaker: Beyond the Basics with Mickael Maison
MirrorMaker: Beyond the Basics with Mickael Maison
HostedbyConfluent0 Aufrufe
Learnings From Shipping 1000+ Streaming Data Pipelines To Production with Hak...Learnings From Shipping 1000+ Streaming Data Pipelines To Production with Hak...
Learnings From Shipping 1000+ Streaming Data Pipelines To Production with Hak...
HostedbyConfluent0 Aufrufe
Implementing Exactly-once Delivery and Escaping Kafka Rebalance Storms with Y...Implementing Exactly-once Delivery and Escaping Kafka Rebalance Storms with Y...
Implementing Exactly-once Delivery and Escaping Kafka Rebalance Storms with Y...
HostedbyConfluent0 Aufrufe
Memory Matters: Drift Detection with a Low Memory Footprint for ML Models on ...Memory Matters: Drift Detection with a Low Memory Footprint for ML Models on ...
Memory Matters: Drift Detection with a Low Memory Footprint for ML Models on ...
HostedbyConfluent0 Aufrufe
Power futures.pptxPower futures.pptx
Power futures.pptx
ssuser17d4710 Aufrufe
Balance Kafka Cluster with Zero Data Movement with Haochen Li & Yaodong YangBalance Kafka Cluster with Zero Data Movement with Haochen Li & Yaodong Yang
Balance Kafka Cluster with Zero Data Movement with Haochen Li & Yaodong Yang
HostedbyConfluent0 Aufrufe
Versioned State Stores in Kafka Streams with Victoria XiaVersioned State Stores in Kafka Streams with Victoria Xia
Versioned State Stores in Kafka Streams with Victoria Xia
HostedbyConfluent0 Aufrufe
Build an Event-driven Microservices with Apache Kafka & Apache Flink with Ali...Build an Event-driven Microservices with Apache Kafka & Apache Flink with Ali...
Build an Event-driven Microservices with Apache Kafka & Apache Flink with Ali...
HostedbyConfluent0 Aufrufe
Eliminating the Double Write Problem in Apache Kafka Using the Outbox Pattern...Eliminating the Double Write Problem in Apache Kafka Using the Outbox Pattern...
Eliminating the Double Write Problem in Apache Kafka Using the Outbox Pattern...
HostedbyConfluent0 Aufrufe
AMOS_Usefull_commands.pdfAMOS_Usefull_commands.pdf
AMOS_Usefull_commands.pdf
ssuser3e27c60 Aufrufe
Bench, a Framework for Benchmarking Kafka Using K8s and OpenMessaging Benchma...Bench, a Framework for Benchmarking Kafka Using K8s and OpenMessaging Benchma...
Bench, a Framework for Benchmarking Kafka Using K8s and OpenMessaging Benchma...
HostedbyConfluent0 Aufrufe
Designing a Data Mesh with Kafka with Paul Makkar & Rahul GulatiDesigning a Data Mesh with Kafka with Paul Makkar & Rahul Gulati
Designing a Data Mesh with Kafka with Paul Makkar & Rahul Gulati
HostedbyConfluent0 Aufrufe
Swift -cscf-v2021.pdfSwift -cscf-v2021.pdf
Swift -cscf-v2021.pdf
ssuserfccd0d10 Aufrufe
What to do if Your Kafka Streams App Gets OOMKilled? with Andrey SerebryanskiyWhat to do if Your Kafka Streams App Gets OOMKilled? with Andrey Serebryanskiy
What to do if Your Kafka Streams App Gets OOMKilled? with Andrey Serebryanskiy
HostedbyConfluent0 Aufrufe
Data Quality from Precisely: Spectrum QualityData Quality from Precisely: Spectrum Quality
Data Quality from Precisely: Spectrum Quality
Precisely0 Aufrufe
Playing with Xbox Data with Dale LanePlaying with Xbox Data with Dale Lane
Playing with Xbox Data with Dale Lane
HostedbyConfluent0 Aufrufe
Lesson-01.pptxLesson-01.pptx
Lesson-01.pptx
ssuserc24e050 Aufrufe
Lesson-02 (1).pptxLesson-02 (1).pptx
Lesson-02 (1).pptx
ssuserc24e050 Aufrufe
Unveiling the Inner Workings of Apache Kafka® with Flamegraphs with Christo L...Unveiling the Inner Workings of Apache Kafka® with Flamegraphs with Christo L...
Unveiling the Inner Workings of Apache Kafka® with Flamegraphs with Christo L...
HostedbyConfluent0 Aufrufe

Mobile Security Assessment

  1. {elysiumsecurity} MOBILE SECURITY ASSESSMENT Version: 1.2a Date: 29/08/2018 Author: Sylvain Martinez Reference: ESC11-MUSCL Classification: Public cyber protection & response
  2. {elysiumsecurity} cyber protection & response 2 ADVANCEDTOOLSFRAMEWORKCONTEXT • Assessment Scope; • Mobile Assessment Framework; • Advanced Technics. CONTENTS Public • Mobile usage statistics; • App usage statistics; • Mobile security context. • Environment; • Android Tools; • IOS Tools;
  3. {elysiumsecurity} cyber protection & response 3 ADVANCEDTOOLSFRAMEWORKCONTEXT MOBILE USAGE STATISTICS Public Source: COMSCORE, May 2017
  4. {elysiumsecurity} cyber protection & response 4 ADVANCEDTOOLSFRAMEWORKCONTEXT APP USAGE STATISTICS Public Source: COMSCORE, May 2017
  5. {elysiumsecurity} cyber protection & response 5 ADVANCEDTOOLSFRAMEWORKCONTEXT MOBILE SECURITY CONTEXT Public Diagram Source: McAfee Mobile Threat Report Q1, 2018 SECURITY
  6. {elysiumsecurity} cyber protection & response 6 ADVANCEDTOOLSFRAMEWORKCONTEXT ASSESSMENT SCOPE Public INFRASTRUCTUREWEB API APPLICATION Icons from the noun project unless specified otherwise
  7. {elysiumsecurity} cyber protection & response 7 ADVANCEDTOOLSFRAMEWORKCONTEXT MOBILE ASSESSMENT FRAMEWORK Public SOURCE: ELYSIUMSECURITY LTD – Please refer to us when re-using this diagram
  8. {elysiumsecurity} cyber protection & response 8 ADVANCEDTOOLSFRAMEWORKCONTEXT MOBILE ASSESSMENT FRAMEWORK Public FILESYSTEM ANALYSIS ANDROID: /DATA/DATA/APP_NAME IOS: /PRIVATE/VAR
  9. NETWORK ANALYSIS {elysiumsecurity} cyber protection & response 9 ADVANCEDTOOLSFRAMEWORKCONTEXT MOBILE ASSESSMENT FRAMEWORK Public MONITOR IP ADDRESSES AND URL
  10. USAGE ANALYSIS {elysiumsecurity} cyber protection & response 10 ADVANCEDTOOLSFRAMEWORKCONTEXT MOBILE ASSESSMENT FRAMEWORK Public
  11. PSEUDO CODE ANALYSIS {elysiumsecurity} cyber protection & response 11 ADVANCEDTOOLSFRAMEWORKCONTEXT MOBILE ASSESSMENT FRAMEWORK Public SOURCE: ELYSIUMSECURITY LTD – Please refer to us when re-using this diagram PASSWORD
  12. {elysiumsecurity} cyber protection & response 12 ADVANCEDTOOLSFRAMEWORKCONTEXT ENVIRONMENT Public DISTRIBUTIONS OS APPLICATIONS
  13. {elysiumsecurity} cyber protection & response 13 ADVANCEDTOOLSFRAMEWORKCONTEXT ANDROID TOOLS Public FILESYSTEM ANALYSIS ADB TOOLS SSH NETWORK ANALYSIS PROXY SETTINGS ROGUE ACCESS POINTS WIRESHARK USAGE ANALYSIS YOUR THUMB! DROZZER PSEUDO CODE ANALYSIS DEX2JAR APKTOOL JD-GUI
  14. {elysiumsecurity} cyber protection & response 14 ADVANCEDTOOLSFRAMEWORKCONTEXT IOS TOOLS Public FILESYSTEM ANALYSIS USAGE ANALYSIS YOUR THUMB! NETWORK ANALYSIS PROXY SETTINGS ROGUE ACCESS POINTS WIRESHARK PSEUDO CODE ANALYSIS UNZIP FOR RESOURCES STRINGS IDA, CLASS-DUMP SSH TO JAILBROKEN PHONE
  15. {elysiumsecurity} cyber protection & response 15 ADVANCEDTOOLSFRAMEWORKCONTEXT ADVANCED TECHNICS Public ANTI JAILBREAK DETECTION SOFTWARE NETWORK TRAFFIC THROUGH AN IDS CHANGE CODE AND RECOMPILE (ANDROID)
  16. {elysiumsecurity} cyber protection & response © 2018 ELYSIUMSECURITY LTD. All Rights Reserved www.elysiumsecurity.com ELYSIUMSECURITY provides practical expertise to identify vulnerabilities, assess their risks and impact, remediate those risks, prepare and respond to incidents as well as raise security awareness through an organization. ELYSIUMSECURITY provides high level expertise gathered through years of best practices experience in large international companies allowing us to provide advice best suited to your business operational model and priorities. ABOUT ELYSIUMSECURITY LTD. ELYSIUMSECURITY provides a portfolio of Strategic and Tactical Services to help companies protect and respond against Cyber Security Threats. We differentiate ourselves by offering discreet, tailored and specialized engagements. ELYSIUMSECURITY operates in Mauritius and in Europe, a boutique style approach means we can easily adapt to your business operational model and requirements to provide a personalized service that fits your working environment.