Mobile devices are ubiquitous. The variety of mobile applications present on these devices is incredible, with both the Google Play market and Apple App store offering over two million applications each. While each app store has vetting of applications to help to protect consumers, there have been overtly malicious applications in the stores, as well as applications which exhibit less desirable behavior.
In this talk we’ll explore the SANS Top 8 mobile steps, and focus on a methodology for organizations to look at aspects of Android and iOS mobile applications, in order to protect the organization’s interests. There are some tools available to perform assessment of mobile applications, but we also need analysts who are competent at wielding those tools. This talk will bring awareness to those who haven’t had a peek behind the details of mobile applications. Additionally, it will provide technical specifics to people who want to assess mobile applications.