SEC575 provides a comprehensive approach to identifying, analyzing, and exploiting vulnerabilities in mobile applications on iOS and Android platforms. This course equips security professionals with the skills to perform advanced penetration testing and reverse engineering of mobile apps. Topics include secure coding practices, mobile app architecture, API security, and common vulnerabilities such as insecure data storage, improper authentication, and cryptographic flaws. Through hands-on labs and real-world scenarios, participants will learn to evaluate the security of mobile applications, uncover weaknesses, and provide actionable recommendations for remediation. SEC575 prepares attendees to tackle the unique challenges of securing mobile ecosystems effectively.
- Device Architecture and Application Interaction
- The Stolen Device Threat and Mobile Malware
- Static Application Analysis
- Dynamic Mobile Application Analysis and Manipulation
- Mobile Penetration Testing
- Hands-on Capture-the-Flag Event
