Pre-Consumer Electronics Show (CES) Interview on Mobile Application Security

I did a quick pre-CES interview with Alan Weinkrantz discussing what firms should think about when considering the security of mobile applications they are developing.

 

You can listen here:

 

Here are a couple of the main points I covered:

·         Organizations should be thoughtful when developing requirements and designs for applications because consumers are getting more aware and more sensitive about how their mobile data is treated.  Tracking too much might get you in trouble.

·         Organizations should be very careful when building applications so that they do not introduce security problems into the application code or into the server-side resources supporting the smartphone applications (For more information on this see some of our resources on smartphone application security at www.smartphonesdumbapps.com)

·         Organizations need to be careful of their software supply chains when they are building mobile applications.  There were a number of cases in 2010 where 3rd party libraries and/or application code introduced vulnerabilities into mobile applications.  This will continue to be a concern going forward and organizations also need to start vetting 3rd party code for malicious behaviors.

 

I can’t make it to CES this year but it should be a good time.  And 2011 is going to be a very interesting year for mobile applications and mobile application security.

 

Contact us for help building and securing mobile applications.

 

–Dan

dan _at_ denimgroup.com

@danielcornell

Posted via email from Denim Group’s Posterous

About Dan Cornell

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

Categories: Uncategorized

Leave a Reply

Your email address will not be published. Required fields are marked *