AppSec Europe 2016 has ended
Back To Schedule
Wednesday, June 29 • 09:00 - 17:00
Day 1/1 - Hacking and Securing iOS Applications

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Hacking and Securing iOS Applications" is a one day course focused on learning how to successfully perform a Security Assessment of modern and complex iOS Applications and provide appropriate remediations for all the vulnerabilities found. This highly practical course is designed around the security issues that were often observed by the trainers during their application security assessments. This up-to-date training will be also very useful for all the iOS developers that want to know the security best-practices that are mandatory to build an application that should be able to face modern threats. Attendees will get familiar with the following topics during the class (mostly based on the OWASP Top Ten): - A thorough overview about the iOS security model, updated to iOS 9; - How to setup a lab with all the tools needed to successfully perform iOS security assessments; - Checking for local storage vulnerabilities and learning on how to correctly save sensitive files on the device; - How to check and prevent unintended data leakages; - How to safely implement SSL Pinning and check for the most common SSL vulnerabilities; - How to take advantage of some of the most useful security assessment tools through practical examples (Frida, Cycript, Snoop-it, idb, etc.) - How to obfuscate iOS code and implement appropriate checks to detect jailbroken devices; - How to reverse engineering iOS applications and acquire knowledge about the inner details of the target application.

avatar for Simone Bovi

Simone Bovi

Security Consultant, Minded Security
Simone Bovi is a Security Consultant at Minded Security where he delivers Web Application Penetration Test, Mobile Penetration Test (iOS and Android platform), Vulnerability Assessment and Network Penetration Test for several enterprise companies and financial institutions. He holds... Read More →
avatar for Davide Danelon

Davide Danelon

Senior Security Consultant, Minded Security
Davide Danelon is a Senior Security Consultant at Minded Security, where he delivers security assessments and penetration test of web and mobile applications. He also delivers courses about application security. Prior joining Minded Security, Davide was an Analyst at Deloitte Enterprise... Read More →

Wednesday June 29, 2016 09:00 - 17:00 CEST
Bramante 11

Attendees (4)