iOS App Autopsy #1: Banking/FinTech — What Your App Binary Reveals to Attackers
Details
What happens when a security researcher downloads an iOS app from the App Store and starts pulling it apart?
In this live session, you'll find out — no slides, no theory, no mercy.
I'll take a real iOS application, download it, and perform a full static security analysis live — step by step, using professional-grade tools. You'll watch as hardcoded secrets, insecure data storage, weak encryption, and exposed API endpoints surface in minutes.
Then, for a bonus round, we'll take a quick look at a banking app from the wild to see how the same mistakes show up in financial software handling real money.
What you'll walk away with:
- How attackers reverse-engineer iOS binaries
- The most common security mistakes in production apps
- What static analysis actually looks like in practice
- Why "it's on the App Store, so it's safe" is a dangerous myth
Who this is for: iOS developers, security engineers, tech leads, and anyone responsible for the security of mobile applications.
About the host: Sergii Koval — 15+ years in iOS/macOS security. Security architect for banking and enterprise platforms. Creator of Threat Explorer, a proprietary iOS security analysis platform. Based in Luxembourg.
Format: Live demo via Google Meet. ~60 minutes. Free. Recorded for YouTube.
This is part of a monthly series. Each session, a different app goes on the table.
