OWASP Toronto - September 2018 Event: Mobile Security Talks!

This is a past event

100 people went

Location image of event venue


Hi everyone,

Hope you all had a great long weekend and are geared up for the fall.

I am excited to announce our September 17th OWASP Toronto chapter event - a double feature on Mobile Security. Our speakers are : Ivan Rodriguez ("iOS App runtime manipulation") and Kristina Balaam ("Auditing/Pen Testing Android Apps")

Ivan Rodriguez is an Application Security Engineer at Shopify with a mobile development background, currently working in application security.

Kristina is a Security Intelligence Engineer at Lookout where she reverse engineers mobile malware. Prior to Lookout, she worked as an Application Security Engineer at Shopify focusing mostly on Android mobile security. Kristina graduated with a Bachelor of Computer Science from McGill University in 2012, and is currently pursuing a MSc. in Information Security Engineering from the SANS Institute of Technology. She blogs about computer security on Twitter, Instagram and Youtube under the handle @chmodxx.

Please note that we have a new venue for this month. Shopify has graciously offered to host us at their 80 Spadina, Toronto office (a different one than August).

As usual, space is limited, so please confirm your attendance on our Meetup event pages (see links below).

Opheliar Chan


Date/Time: Monday September 17, 2018, 6:00 PM to 8 PM EDT
Location: 80 Spadina Avenue, Toronto, ON

6-7 PM
"iOS App runtime manipulation" with Ivan Rodriguez

In this talk, we'll learn how to decrypt and extract an iOS application from a device, and use reverse engineering techniques to manipulate the app at runtime.

"Auditing/Pen Testing Android Apps" with Kristina Balaam

As our world becomes more dependent on mobile devices, it's important to understand the risks we may unknowingly introduce to users through the applications we build. In this talk, we'll cover general Android security best practices, discuss tools for auditing your own applications to find vulnerabilities, and resources for continued learning.