
OWASP Podcast/Transcripts/086

Revision as of 10:52, 8 August 2011 by Zakiakhmad (talk | contribs) (Participants)


OWASP Podcast #86: Mobile Security

Participants

Kevin Mahaffey


Jack Mannino


Chris Wysopal


Transcript

You are listening to the Open Web Application Security Project with your host Jim Manico.

You are listening to the Open Web Application Security Project and this is OWASP Podcast Number 86. And this is the OWASP Mobile Security Round Table. And now our guests:

Jack

Hi, this is Jack Mannino, ... for OWASP of and CEO of nVisium Security.

Kevin

Hi, this is Kevin Mahaffey, from .... security.

Chris

Hi, this is Chris Wysopal, co-founder and CTO of Veracode, and I love mobile application security.

Jim

So, gentlemen, last we all met face to face at the OWASP Portugal summit, and I can ... all the threats against mobile, all the defensive coding techniques we need on the mobile platform, is frankly no different than any other web application. All right Chris, you're up. Care to comment?

Chris

All right, I'll take that one, Jim. You know, I think the threats are very similar. I mean, every threat model is different. One server app is different from another app; even some web apps are different from other apps. So I will agree that in general they are the same, but there are several differences based on the framework, the operating system, and what the applications are really trying to do. We see certain threat vectors, sort of unique to mobile devices because of how they are used. I would say location information is very different on mobile devices, 24 hours a day, than location information of a desktop. Well, we have laptops, but it's not really quite the same. In general I would say 80% are correct.