Defense-in-depth strategies for securing mobile applications - Ryan Lloyd - ASW #390
7 July - 47 minsMobile applications have unique risks and threat models compared to server-side applications and infrastructure. Consequently, they need different strategies to ensure their business logic and workflows well secured. We'll dive into some of these defense-in-depth strategies and why they are important to mobile applications. Securing workflows goes beyond input validation and pattern matching suspicious payloads; it requires detailed attention to state machines, edge cases, and collecting signals to evaluate trust.
Segment Resources:
https://hubs.la/Q04jLKj70 https://mas.owasp.org/MASTG/0x04c-Tampering-and-Reverse-Engineering/ https://owasp.org/API-Security/editions/2023/en/0x00-header/...
Mastering agent permissions and Identiverse interviews - Howard Ting, Ajay Gupta, Sandy Bird, Amir Ofek - ESW #466
1 hour 17 mins
6 July Finished
Beyond the AI Hype, Cyber Readiness in the Age of AI - Gibb Witham - SWN #595
31 mins
3 July Finished
AI Cocaine Recipes, Russian Hack, Scattered Spider, Cisco, Amazon Q – Aaran Leyland - SWN #594
35 mins
30 June Finished