Loading…
Nashville, TN
September 24 - 26, 2018
Click Here For Information & Registration
View analytic
Monday, September 24 • 1:30pm - 3:00pm
A Tour of Mobile API Protection - Skip Hovsmith, CriticalBlue

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Follow the ShipFast courier service’s evolving mobile API security approach as it beats back malicious ShipRaider.

We start with static API keys and OAuth2 user authorization, discussing API security threats and how to counter them. Along the way, TLS, certificate pinning, HMAC call signing, app hardening, white box crypto, app attestation and more are considered to strengthen your API security posture, but ShipRaider will be working hard trying man in the middle attacks, app decompilation and debugging, exploit frameworks, and other reverse engineering techniques to keep stalking you. It's a quick overview of the cat and mouse API protection problem and gives a sense of emerging tools and techniques required to protect your mobile APIs.

You'll walk away with access to fully worked open source examples and some additional homework assignments if you want to go deeper.

Speakers
SH

Skip Hovsmith

VP Growth, CriticalBlue


Monday September 24, 2018 1:30pm - 3:00pm
Davidson Ballroom B2
  • Skill Level Any