Denim Group has been acquired by Coalfire. Learn More>>

Mobile Application Security Code Reviews: BSides Las Vegas Materials Online

David Rook (@securityninja) and I gave a training class at 2011 Security BSides Las Vegas on mobile application security code reviews. We used his Agnitio code review tool to analyze a flawed application and identify potential issues.

The slides are online here:

The code for the intentionally-flawed sample Pandemobium Stock Trader application can be found online here. The code online includes both Android and iOS versions of a vulnerable application as well as the backing web services that support the apps.

Contact us for more information on application security training programs including instructor-led training for and eLearning.


dan _at_


Posted via email from Denim Group’s Posterous

About Dan Cornell

Dan Cornell Web Resolution

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

Categories: Security Programs

One Response to “Mobile Application Security Code Reviews: BSides Las Vegas Materials Online”

  1. MGsecurity

    Hiya! I know this is kinda off topic however , I’d figured I’d ask. Would you be interested in trading links or maybe guest authoring a blog article or vice-versa? My website goes over a lot of the same topics as yours and I feel we could greatly benefit from each other. If you happen to be interested feel free to send me an e-mail. I look forward to hearing from you! Excellent blog by the way!

Leave a Reply

Your email address will not be published. Required fields are marked *