Upload
service2media
View
4.852
Download
3
Tags:
Embed Size (px)
DESCRIPTION
Service2Media builds highly secure Apps using a holistic approach that combines a secure and well structured development environment with the application of the latest security techniques. The result is Apps of Steel. This webinar will explain what we have done, how we work and what we could do for you. What you will take-away from this webinar: Understand the key security issues and their affect on the market for mobile App solutions Why a secure and well structured App Platform is a better way to build Secure Apps The capabilities we have incorporated into the platform that make the Apps we deliver more secure How to use our platform and services to build your own App portfolio based on this solution
Citation preview
SECURITY WEBINAR
APPS OF STEELMartin GandarStrategic Marketing Director
Derk TegelerSecurity Director
• State of mobile security• Mitigation strategies• Security by design• Software development• M2Active™, the App Lifecycle Platform
AGENDA
STATE OF MOBILE SECURITY
• Software on the move• The mobile operating
system• The apps and the stores• The software distribution
problem• Malware
MOBILE SECURITY: NETWORKS• Networks
• Control• The need for encryption
against MITM attacks– Telephone networks– Public Wi-Fi hotspots– rogue access points
• Issues with DNS• Issues with the Public Key
Infrastructure (PKI)
MITIGATION STRATEGIES• Accountability in business processes• Budget• Risk analysis
• Risk = impact*likelihood• Information classification and
protection rules per class for:• Transmission, Storage & Processing
• Multiple information transmission channels
• Awareness of known vulnerabilities
SECURITY BY DESIGN• Information classification• Risk analysis• Threat modelling• Dependencies• Use several security levels• Good key management
SOFTWARE DEVELOPMENT• Secure coding standards• Defensive programming• Don’t leak!• Document: in the code, release notes and all other documentation.
• Collaborative development• Maintenance• Code transfers• The App lifecycle
THE APP LIFECYCLE PLATFORM ™
- Encrypted object code providing integrity and confidentiality of the software package
- API’s- Secure Coding Standards giving
our partners a strong basis- Templates, best practices and
code snippets
M2ACTIVEAPI’S- API’s:
- Authentication Manager- Crypto / cryptographic
functions:- Base64 encoding and decoding- SHA-1 and SHA-256 hashing- AES encryption and decryption- Key generation algorithms
- HTTPS support, including OAUTH
THANK YOU FOR YOUR TIMENEXT WEBINAR:18th OF JUNE:ORGANIZING FOR ENTERPRISE APP PORTFOLIOS
SECURITY WEBINAR
APPS OF STEELMartin GandarStrategic Marketing [email protected] 7770 366 566
Derk TegelerSecurity [email protected] 6 16 47 29 52