COD 110: Fundamentals of Secure Mobile Development
This course introduces developers to the common risks associated with mobile applications including client side injection, sensitive data handling, network transition, application patching, web-based attacks, phishing, third- party code, location security, and privacy and denial of service. Participants are given an overview of the mobile application development best practices to reduce these risks including input validation, output encoding, least privilege, code signing, data protection at rest and in transit, avoiding client-side validation, and using platform security capabilities as they apply in mobile environments. Included is a discussion of threat modeling mobile applications. With knowledge checks throughout, the participant who completes this course will have an understanding of mobile environment threats and risks, and the programming principals to use to address them.
Upon completion of this course, participants will be able to:
- Identify common mobile application risks
- Use mobile application development best practices
- Create a mobile application threat model
This course can be customized for Instructor-Led training. Course contents and duration may vary. Contact us for details.