Secure programming is the last line of defense against attacks targeted toward our systems. This course shows you how to identify security flaws & implement security countermeasures when writing code for Android and iOS mobile devices. Using sound programming techniques and best practices shown in this course, you can produce high-quality code that stands up to attack.
The course covers major security principles when writing Java code for Android and Objective-C code for iOS.
The objectives of the course are to acquaint students with security concepts and terminology, and to provide them with a solid foundation for developing secure software. By course completion, students should be familiar with major secure programming practices and have learnt the basics of security analysis and design.
Demonstrating the Top 10 Mobile Security Attacks
Insecure data storage
Weak server side controls
Insufficient transport layer protection
Client side injection
Poor authorization and authentication
Improper session handling
Security decisions via untrusted inputs
Side channel data leakage
Sensitive information disclosure
Secure Coding Best Practices
Creating files with correct ACLs
Secure memory handling
Secure data storage
Transport level encryption
Storage level encryption
Validating server certificates and avoiding Man-in-the-Middle
Client-side certificate authentication
Application permission isolation
The permission model
Permission types and app restriction
Creating custom permissions
Verifying process permissions during runtime
Securely activating components
Avoiding access to restricted screens
Avoiding hard coded secrets
Obfuscate the program
Detecting common code-level vulnerabilities
Secure device management
Basic knowledge of the Android development platform
Basic knowledge of the iOS development platform
Interested in this course? Have any questions?
Let us know and we’ll get back to you…
% Pure Security knowledge!