This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP Podcast/Transcripts/086

Revision as of 10:46, 8 August 2011 by Zakiakhmad (talk | contribs) (Transcript)

Jump to: navigation, search

OWASP Podcast #86: Mobile Security


Kevin Mahaffey
Jack Mannino


Chris Wysopal


You are listening to the Open Web Application Security Project with your host Jim Manico.

You are listening to the Open Web Application Security Project and this is OWASP Podcast Number 86. And this is the OWASP Mobile Security Round Table. And now our guests:


Hi this is Jack Maninno, ... for OWASP of and CEO of nVisium Security


Hi this is Kevin Mahaffey, from .... security.


Hi this is Chris Wysopal, co founder and CTO of Veracode, and I love the mobile application security.


So Gentleman last we all met face to face at the OWASP Portugal summit, and I can ... all the threat against mobile, all the defensive coding technique we need the mobile platform is frankly no different than any other web application. Allright Chris, you're up. Care to comment?


Allright I'll take one that Jim. You know, I think the threats are very similar. I mean, every threat model is different. One server app is different with another app even some web apps are different from other apps. So I will agree in general are the same but there are several differences based on the framework, the operating system, and what the application are trying to do. We see certain threat vectors sort of unique enhance mobile devices they use, location information is very different mobile devices 24 hours a day, than location information of desktop. Well we have laptops. In general I would say 80% are correct.