This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP AppSec DC 2012/Training/Mobile Hacking and Securing

Jump to: navigation, search


Registration Now OPEN! | Hotel | Schedule | Convention Center |


Course Length: 1 Day

Students will discover mobile hacking techniques for Android and iPhone. They will understand the platform security models, device security models, app analysis, file system analysis and runtime analysis for these popular mobile operating systems.

This course will provide students with the knowledge necessary to assess mobile app security including what hackers look for in mobile apps. Hacking apps themselves will equip them with the skills required to protect their own apps from attacks.

Students will come out with an understanding of the pitfalls to mobile device security and the importance of developing mobile apps securely. They will learn the concepts necessary to securely develop mobile in your organization.

Student Requirements

  1. Laptop w/ minimum 2GB RAM
  2. Latest version of VMWare Player, Fusion, or Workstation


Audience: Technical Skill Level: Intermediate

Perform attacks against sample mobile apps to understand the weaknesses that exist in the current device security models

Implement secure coding techniques into your mobile development lifecycle to protect your mobile apps from high risk attacks

Communicate mobile device security threats and the risks associated with mobile devices from an enterprise perspective


Max Veytsman

Max Veytsman is a Security Consultant with Security Compass, where he specializes in web and mobile security assessments. He is currently leading Security Compass's training development in the mobile space. Max has provided mobile security presentations and training at such conferences as SecTor and ToorCon.

Patrick Szeto

Patrick Szeto is a Security Consultant with a strong background in information security spanning over a decade. He is a specialist in application security reviews, source code analysis, and secure coding methodologies.Patrick has performed extensive application security assessments for various Fortune 500 clients in the information technology, financial services, data management, telecommunications, national retail and health care sectors. Patrick has also developed vulnerability signature detection tools and application security testing tools and served as a trainer and advisor for an independent vulnerability research team.

Gold Sponsors

Aspect logo owasp.jpg AppSecDC2009-Sponsor-securicon.gif AppSecDC2009-Sponsor-mandiant.gif AppSecDC2012-ISC2.gif

Silver Sponsors


Small Business

AppSecDC2012-Sponsor-sideas.gif BayShoreNetworks.png


link= Codenomicon WhiteHat Logo.png AppSecDC2012-HP.jpg WSI - Logo.jpg