Security Threats on Mobile: What You & App Developers Can Do About It

Join us for the first Mobile Santa Barbara Meetup of 2014 for a conversation about mobile security!

Security has been a constant presence in the news. We just heard about the Heartbleed exploit that affected many of the largest websites and, also, millions of Android phones*. However, there are many common, everyday threats to our security when we use our smartphones. Some of those threats are the apps that we love. As much as 97% of the mobile apps we use may be insecure.

In this meetup, we'll be joined by Yanick Fratantonio and John Kennedy to discuss:

[1] threats to users of smartphones, and

[2] best security practices for developers.

Yanick is a computer security researcher at UCSB who leads a DARPA project on Android security. He has written several papers on the subject and presented his work at the Blackhat Conference. John is the Chief Security Architect at Citrix. He is responsible for the strategic vision, design, and implementation of security architecture and the security development lifecycle for all Citrix SaaS products.

Citrix is proudly sponsoring this Mobile SB Event; they look forward to meeting all of you and sharing the latest advancements in mobile world.

*Public Service Announcement: Heartbleed affects smartphones running Android 4.1.1.

Location:

Conference Room at B3 (Bldg. 7414).

http://photos4.meetupstatic.com/photos/event/9/c/8/8/600_353200072.jpeg

Presenter Bios:

Yanick Fratantonio: Yanick is a PhD student in Computer Science at UC Santa Barbara. He currently works in the Computer Security Lab under the supervision of Giovanni Vigna and Christopher Kruegel. His research interests primarily focus on the security of mobile systems. In particular, he works on applying static and dynamic techniques to analyze benign and malicious mobile applications. He is involved in the development of Andrubis, a publicly-available service to analyze Android applications. He is also part of the Wepawet team as the main author of Shellzer, a shellcode analyzer. Yanick is also a member of the Shellphish hacking group, which organizes the annual International CaptureThe Flag (iCTF).

John Kennedy (Chief Security Architect at Citrix): As Chief Security Architect, John oversees all product/service security engineering at Citrix. Currently, he focuses on agile software security lifecycle practices. He brings over twenty years of experience designing high-performance cryptographic and information security systems for financial, government, and corporate customers. Kennedy has been a key contributor and co-author for several cryptography standards. Before joining Citrix, he held senior security architect and product strategist positions with Novell, Certicom, Cylink, and ActivCard/ActivIdentity. Kennedy holds a B.S. in electrical and computer engineering from the University of California, Santa Barbara.