The explosion of the mobile application market coupled with acceptance of “bring your own device” (BYOD) to enterprise environments comes with its unique security risks. While driven by a rise in productivity, convenience and overall user satisfaction BYOD increases the attack surface that most businesses are not prepared for. In this presentation we will cover the reasons for concern along with a live demonstration of a remote compromise of an Android phone in a corporate environment. We will also discuss the OWASP top 10 mobile risks and demonstrate some common issues with a vulnerable iOS mobile application. A free tool will be shared with the audience that can be used to assess their corporate BYOD environments.
- Mobile Application Security
- BYOD Security
- How BYOD and Mobile applications impact your security
About Dmitry Dessiatnikov
Dmitry Dessiatnikov, a veteran with over fifteen years of security experience, is currently the President of Security Aim, information security consulting company. Prior to Security Aim Dmitry was a Managing Principle Consultant on the Attack and Penetration Team of Accuvant LABS where he provided consulting services to large corporate clients. He offered ongoing thought leadership by developing methodologies and tools as well as serving the community as a leader of the Salt Lake City OWASP Chapter and on the Board of Directors of UtahSec. Before joining Accuvant, Dmitry was a Senior Security Consultant in the Security and Technology Solutions Practice at Ernst and Young, LLP where he was the leading penetration-testing specialist in the West Coast region. Dmitry has presented at multiple security conferences and published white papers that made it to the SANS “Top 25 Papers Viewed of All Time” list. He is a CISSP, PCI QSA/ASV and holds Master degree in Information Systems Management.