COD 818: Creating Secure Code - Android
Android applications must follow the same security principles as other applications, but developers can leverage built-in security libraries and other features to help prevent common application vulnerabilities.
This course helps participants develop secure Android applications by applying Android-specific secure development techniques. It examines vulnerabilities that are specific to the Android platform and provides real-world examples (illustrated in code) of failures and methods to find, fix, and prevent each type of flaw. In the hands-on labs, participants will discover vulnerabilities for themselves and find ways to remediate or mitigate them, greatly enhancing the security of their code.
Upon completion of this course, participants will be able to:
- Identify common security issues and attack vectors in Android applications
- Identify security features of the Android OS, SDK, and NDK
- Understand application-based permissions, data protection methods, code signing, packaging, and updating techniques used to secure Android applications
- Implement best practices for securely developing Android applications and securing data
Mobile Application Development Best Practices
This module presents known best practices and tools for improving the security and privacy posture of mobile applications.
Introduction to Android System Security
Like most operating systems, Android is best visualized as a set of layers, with each layer supporting the ones above. The Android layers are Linux, Libraries and Runtime, Application Framework, and Applications. In this module, participants will learn how to integrate security services of Android’s Linux kernel, SDK, and hardware into their applications.
Common Android Application Threats and Mitigations
In many cases, Android attack vectors are not unique to the mobile device. This module presents common web-based attacks, and provides an overview of the security features and vulnerabilities that are part of the Android environment.
Android Secure Development Best Practices
In this module, participants will learn how to protect their Android application by following secure coding best practices using Java. These principles will guide design and development, and reduce the frequency and severity of common vulnerabilities.