Certified Mobile Application Security Professional CMASP
Mobile Application Security refers to identify, analyze and manage the risk associated with mobile applications throughout the software development lifecycle. The mobile application security is designed to reduce the impact of attackers stealing user's passwords and crucial data such as credit/debit card payment information,personal information, etc.
Training dates:
Americas & Europe:
- Date: 30th Oct – 1st Nov 2023
- Time: 1:00 PM – 5:00 PM (GMT)
- Mode: Online (GoToWebinar)
- Duration: 4 hours for 3 days each (12 hours of online training)
- Fees
- USD $ 200 for regular participants
- USD $ 150 for ISACA/ISC2 members
Asia & Middle East:
- Date: 25 – 27, Oct 2023
- Time: 6:00 AM To 10:00 AM (GMT)
- Duration: 4 hours for 3 days each (12 hours of online training)
- Mode: Online
- Fees:
- USD $ 200 for regular participants
- USD $ 150 for ISACA/ISC2 members
The objective of the program:
- To prevent future attacks by guessing the behaviors of attackers and anticipating their moves
- To go live with the new mobile application without the worry about security risks
- Changing the architecture such as network, components of the mobile application if necessary
- To meet tough industry security standards and comply with regulations
- Reduces risk from both internal and third-party sources.
- To secure customer data to build customer confidence.
- To protect sensitive data from leaks
- To improve trust from crucial investors and lenders
- Certified Mobile Application Security Professional Training covers both Android and iOS application security
- IT professionals
- Cyber Security Professionals
- Mobile Application Developers
- Security practitioners and managers
- Anyone interested in Mobile Security
Day 1:
- Introduction to Android
- Types of Applications
- Android Security Architecture
- Interacting with Android
- Android Application Components
- Setting up the Testing Environment
- Android Emulators Genymotion / Memu
- ADB
- APKTool
- Drozer
- Frida
- Objection
- Analysing Application Components with APKTool
- Configuring Burp
- OWASP Top 10
- Improper Platform Usage
- Insecure Data Storage
- Insecure Communication
- Insecure Authentication
- Insufficient Cryptography
- Insecure Authorization
- Client Code Quality
- Code Tampering
- Reverse Engineering
- Extraneous Functionality
- Reversing Android Application for Manipulation
- Root Detection Bypass
- SSL Pinning Bypass
- IOS Application Security & Architecture
- MVC & Event Driven Architecture
- IOS Security Features
- Chain of Trust
- Secure Boot
- TouchID & Passcode
- Secure Enclave
- Keychains
- Jailbreaking IOS Devices – Types of Jailbreaks
- Setting up a Pen testing Environment
- Extracting Secrets using Key Chain Dumper
- Method Swizzling
- Runtime iOS Manipulation using GDB, Frida & Cycript
Terms & Conditions:
- Fees, speakers and dates are subject to change.
- Any cancellations received within the last ten calendar days would be liable for 50% of the course fees. Cancellations must be received in writing at least one week before course commencement. No-shows would be fully charged.
- Registered attendees who are unable to attend the above course can send replacements subject to one week’s notification.
We are committed to respecting your privacy and we recognize the importance of protecting the information collected about you. All of the personal information that you have submitted during the registration shall only in relation to your attendance at this event (i.e., processing of payments, issuance of the certificate, sending of any announcements, future events and activities). All the information that you have provided in relation to this event shall be protected with reasonable and appropriate measures and shall only be retained as long as necessary in its processing.
