This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Join us at AppSec California 2014!

AppSec California is the first of hopefully many annual conferences hosted by all of the California chapters. Join us on the beaches of Santa Monica which is closest to our Los Angeles Chapter. Space is limited to around 200 attendees so be sure to get your ticket before we sell out!

Come a little early or stay the rest of the week; however you enjoy it, the weather is likely going to be warmer than where you are. Enjoy the Santa Monica pier and downtown area or explore the surrounding cities. You probably have a client or 10 near by too so say hello to them too.

Stay tuned as activities around the event are updated and more speakers are added to the lineup. A schedule will come at some point.

Register today! 
View analytic
Monday, January 27 • 4:15pm - 5:15pm
OWASP Top 10 Mobile Risks: 2014 Reboot

Sign up or log in to save this to your schedule and see who's attending!

The OWASP Top 10 Mobile Risks were first created in 2011. However, a lot has changed over the past three years. The mobile platforms themselves have evolved, mobile threats have evolved, and app developers have experimented with crazy new things. As a result, the OWASP Mobile Security Project decided it was the time to take another look at the threat landscape.

In this presentation, we will present the 2014 version of the OWASP Top 10 Mobile Risks for the first time. We will highlight the differences between the 2011 and 2014 versions and we will explain why some risks were added to the list, dropped altogether, elevated in criticality, or bumped down a few notches. As we present each risk that made the list, we will provide supporting data and explain the reasoning behind each entry in detail.

But what would an OWASP presentation be without also providing solutions to the problems we’re pointing out? For each of the risks identified, recommended fixes will be provided for the most commonly used mobile platforms (which pretty much means iOS, Android, and if we’re feeling adventurous, Windows Phone).

avatar for Jason Haddix

Jason Haddix

Jason is also the Director of Penetration Testing at Fortify Software. Jason performs (and trains internal candidates for) mobile penetration testing, black box web application auditing, network/infrastructural security assessments, cursory mainframe security analysis, cloud architecture reviews, wireless network assessment, binary reverse engineering, and static analysis. He is also a semi-regular player on the capture the flag team... Read More →

Jack Mannino

Jack Mannino is a Partner at nVisium, a DC area firm specializing in application security. At nVisium, he helps to ensure that large corporations, government agencies, and software startups have the tools they need to build and maintain successful security initiatives. He is an active Android security researcher/tinkerer, and has a keen interest in identifying security issues and trends on a large scale. Jack is a leader and founder of the... Read More →

Monday January 27, 2014 4:15pm - 5:15pm
Track 1

Attendees (9)