Security Weekly (Download Only)

Defense-in-depth strategies for securing mobile applications - Ryan Lloyd - ASW #390


Listen Later

Mobile applications have unique risks and threat models compared to server-side applications and infrastructure. Consequently, they need different strategies to ensure their business logic and workflows well secured. We'll dive into some of these defense-in-depth strategies and why they are important to mobile applications. Securing workflows goes beyond input validation and pattern matching suspicious payloads; it requires detailed attention to state machines, edge cases, and collecting signals to evaluate trust.

Segment Resources:

  • https://hubs.la/Q04jLKj70
  • https://mas.owasp.org/MASTG/0x04c-Tampering-and-Reverse-Engineering/
  • https://owasp.org/API-Security/editions/2023/en/0x00-header/

This segment is sponsored by Guardsquare. Visit https://securityweekly.com/guardsquare to learn more about them!

Show Notes: https://securityweekly.com/asw-390

...more
View all episodesView all episodes
Download on the App Store

Security Weekly (Download Only)By