Pentester's intro to android + Security of mobile cloud ecosystem

  • September 12, 2013 · 6:00 PM

Talk 1.  An Application Pen Tester’s Intro to Android Internals

This talk will be a grey-box exploration of the Android OS that will be light on slides and heavier on demonstration. We will take some of the most popular tools used in assessing an Android app and point it at the OS instead to explore Internals from a black box perspective. For illustrative purposes, where appropriate, we will dig into Android Source Code to get a bit of a deeper understanding of what is going on under the hood.

 

Bio

Tom Palarz is a Security Consultant at Neohapsis with over five years of experience in the field of information security.

While at Neohapsis, Tom has engaged in projects for numerous industries, including mobile and web application assessments. Throughout these engagements, Tom has discovered numerous security flaws and areas for improvement in the targeted systems, giving customers an edge in fixing their problems and ensuring that the window of vulnerability is minimized.  Much of his recent work has been to assist customers in securing their mobile applications, focusing on Android and Apple iPhone.

 

 

Talk 2. Security of the Mobile Cloud Ecosystem

This talk will give an overview of the integration with cloud services and mobile usage along the lines of risk into an organization.  Joe will explore and define the ambiguous terms of cloud and mobile while giving the audience examples of attacks and solutions to mitigate an organization's risk.  Audience participants should have a basic knowledge around security solutions in mobile and definitions of cloud services.

 

Bio

Joe Schumacher is a security consultant with Neohapsis that focuses on the blue team strategy in areas of technical operations and meeting or exceeding varying compliance requirements.  Joe has helped many organizations better understand their risk in using different technologies and define security frameworks to counter or mitigate risks with technology in a business.  Joe is active with Neohapsis Labs research around areas of security in mobile devices and cloud services.

 

How to find us

 

Schedule

6:00 - 6:30: Pizza/Networking

6:30 - 6:45: Security Spiel by Akshat

6:45 - 7:00: Lulzy News by Lucy

7:00 - 7:30: An Application Pen-Tester's Intro to Android Internals

7:30 - 8:00: Security of the Mobile Cloud Ecosystem

8:00+ Finish off pizza and go home

 


Join or login to comment.

  • Lucy M.

    Thanks to Tom and Joe for the terrific presentations on Android and mobile! Highly relevant and informative. And thanks to Don for the Glass demo - a bonus!

    1 · September 13, 2013

  • Lokesh P.

    Enthusiastic meetup and lively discussions!!!

    Can we get the slides? Also it will be good if you can share email address of presenters so that we can contact in case of any question

    1 · September 12, 2013

  • Akshat P.

    btw, the address is 325 Main St Cambridge MA

    September 12, 2013

    • Don S.

      Akshat, If folks think it would be of interest, I'd love to present Glass more fully as a start to a discussion of the security implications of wearables. Maybe throw in security related apps in the stew. Late October?

      1 · September 12, 2013

  • Don S.

    Wow! You folks are incredible. Remind me to stumble into your group again. Thanks for the warm welcome

    1 · September 12, 2013

  • Mike B.

    For those ingested in the Google glass event http://fillingglass.eventbrite.com/

    2 · September 12, 2013

  • Amy W.

    Work conflict. Boo.

    September 10, 2013

  • Tim K.

    I'm sorry I'm going to miss the meeting :(.

    Please allow me to introduce myself; my name is Tim Krabec, a training instructor with the Center for Information Management and Assurance (CIMA), as well as, a Member of the South Florida ISSA Chapter Board. During the week of September 16 – 20, 2013, I will have the honor of being in the great Boston area (Needham) teaching a Certified ISO 27001 Lead Auditor course, an ISO and ASNI accredited certification course. As a professional courtesy, I would like to offer a $200 discount to members of your Group, Boston Security Meet up wishing to take advantage of this course being offered in your area; a $400 discount is also available for Information Security Leadership Forum members in the area. The discount code I had setup for your group Boston Security Meet up is: SECGEN-BSTN-2013, which can be used at the top of the first page, of the online registration for this course on our website (http://mycima.net/t-e/training-home/iso27001-la.html).

    1 · September 10, 2013

  • matt j.

    Perfect timing for me. Excited for the talk!

    September 5, 2013

  • David S.

    1 · September 5, 2013

  • Diane E. W.

    Since they moved from Portland Street to Cambridge Center, where is the new location for the meetup?

    September 4, 2013

  • Chris F

    I have an idea for the next meetup. How about if we have a referendum (maybe referendum is not the correct word.)
    We vote on this, or something worded like this, "Boston Security meetup considers Edward Snowden a partriot. He acted in the interest of the American people, revealing government crimes. He deserves our praise and protection from government prosecution."

    1 · August 15, 2013

    • Akshat P.

      What about getting a cyber legal panel to debate for/against NSA PRISM... make a 1 time special event. Beer would clearly make this a very happening time. Perhaps someone can introduce me to the HL folks to brainstorm this idea further?
      http://cyber.law.harv...­

      2 · August 23, 2013

    • Chris F

      Sorry, wasn't checking back often enough. I missed the poll.

      August 27, 2013

  • NT

    Will be there

    August 15, 2013

  • vicky s.

    I have a good understanding of Android security framework I will be willing to share some information before and after the meetup. Work of my research group can be found at http://www.cis.syr.edu/~wedu/

    August 7, 2013

    • Akshat P.

      hey, how about doing a 10 minute lightning talk about it?

      1 · August 9, 2013

38 went

Our Sponsors

  • Google

    Generously providing hosting and support for the BSM events.

  • ComplianceChimp

    Generously providing funding and support for the BSM events.

People in this
Meetup are also in:

Create your own Meetup Group

Get started Learn more
Bill

I started the group because there wasn't any other type of group like this. I've met some great folks in the group who have become close friends and have also met some amazing business owners.

Bill, started New York City Gay Craft Beer Lovers

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy