This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP AppSec DC 2012/Threat Profiling the Mobile Application Ecosystem

Jump to: navigation, search


Registration Now OPEN! | Hotel | Schedule | Convention Center |

The Presentation

Owasp logo normal.jpg
The flood gates of the mobile age have swung wide open, and whether your organization is prepared or not - mobile applications utilizing cloud resources are the future. As organizations race to release Çmobile versions of applications that do everything from home automation to managing your medications and health history, software security assurance is paramount from both regulatory and risk management perspectives. This requires an entirely different approach than simply running scans or handing off your source code to be Çaudited. Analyzing the source code, the mobile application, remote application interfaces and the communication protocols between them are critical to understanding the complete threat profile of the mobile application. Simply looking at one of these components can provide a dangerously misleading representation and lead to increased risk exposure. The speaker will discuss the full threat profile of mobile applications, including their real attack surface and provide thoughts on the future of mobile applications as enterprises migrate further into cloud computing.

The Speakers

Rafal Los

Gold Sponsors

Aspect logo owasp.jpg AppSecDC2009-Sponsor-securicon.gif AppSecDC2009-Sponsor-mandiant.gif AppSecDC2012-ISC2.gif

Silver Sponsors


Small Business

AppSecDC2012-Sponsor-sideas.gif BayShoreNetworks.png


link= Codenomicon WhiteHat Logo.png AppSecDC2012-HP.jpg WSI - Logo.jpg