How do you ensure your mobile app is properly secured? What are the threats you should be concerned with and what can you do to ensure a minimum bar of security is met?

The adoption of standards and standards-based testing is critical to identifying the most critical issues in your mobile app. Join this NowSecure Tech Talk with Carlos Holguera, OWASP MSTG and MASVS project leader, to learn about the changes introduced to the OWASP MASVS (Mobile Application Security Verification Standard) in Version 2.0.0, the biggest update to the standard in 7 years. Learn about the refactoring process and discuss the changes designed to streamline the standard to make it as easy, accessible and comprehensive as possible.

Mobile apps have become integral to modern healthcare, helping individuals and medical teams manage complex health conditions and improve quality of life. From Mobile Health (mHealth) apps, to the primary UIs for medical systems, to full control over safety-critical devices, these apps impact everyone in some way and ensuring they are secure can be a life or death situation.

NowSecure is excited to have an expert in medical device cybersecurity from our customer community, Garrett Schumacher, join us to share:

 AI tools like ChatGPT and GitHub CoPilot are all the rage - but how secure is AI-generated code? In this session, Jason Michael Perry, CTO of Mindgrub, will help you develop good habits when using these tools and provide tricks to catch potentially insecure code before deployment. After all, sanitizing your input values is always essential.

In this session, we’ll cover the following:

Many mobile apps use WebViews to load and display web content directly within the app. However, WebViews expand the threat vector and attackers can exploit them to steal user credentials or launch phishing campaigns.

2023 may be the year of sophisticated language model systems and assisted programming, but what does that mean for developer productivity and the future of mobile development?

In this Tech Talk, Andrew Hoog and Kevin Lewis will demo the power of AI copilots like GitHub Copilot, while sharing their observations, including:

• What GitHub Copilot can and cannot do well
• iOS + Android GitHub Copilot experiences
• Suggestions for using GitHub Copilot today for mobile development

This will be an interactive session with live Q&A

Mobile devices are ubiquitous, presenting a unique attack surface for adversaries targeting the user and enterprise alike. How can I understand how adversaries are targeting my personal and/or enterprise devices? What defenses should I prioritize to protect my devices? Starting in 2017, the ATT&CK framework was expanded into the mobile domain to address these questions and more.

Join Jason Ajmo, ATT&CK for Mobile lead at The MITRE Corporation, to learn about ATT&CK for Mobile’s background, recent updates to the knowledge base, and how you can contribute and get involved.

As the masses descend on Vegas in early August for the annual cyber pilgrimage, NowSecure experts are headed there in force to carry the torch for the mobile appsec community. Join us for a team debrief discussion on all things mobile appsec from Black Hat 2023, DefCon 31 and SquadCon.

From BH Briefings & Trainings to Frida Meetup to SquadCon CTF to DefCon AppSec Village and more, there will be tons to learn about and more resources to share!

Have you ever wondered how to reverse a mobile video game app with Frida? In this Tech Talk, Chase Abel will walk through the process of reverse engineering a mobile Blackjack app so you can peek inside how they work! The techniques discussed in this presentation will teach you how leverage Frida step by step to manipulate a mobile apps’ intended behaviors.

Chase Abel
​​Mobile Security Researcher
NowSecure

Brendan Hann
Senior Product Marketing Manager
NowSecure