OWASP AppSec DC 2012/WhackaMobile II Mobile App Pen Testing with the MobiSecLive Environment

The Presentation
In this talk, Kevin and Tony will outline and discuss the variety of testing techniques and tools available for performing mobile application penetration testing. The presentation will include technical details of discovery and exploitation of mobile application vulnerabilities, as well as outlining the use of MobiSec, which is a live environment used for performing mobile penetration testing. This talk will benefit penetration testers, mobile application developers, and mobile administrators who are concerned about their mobile environment, and wanting to learn new and exciting ways to assess the security of their mobile applications.

The Speakers
Kevin Johnson and Tony Delagrange

Tony DeLaGrange is a Senior Security Analyst with Secure Ideas, bringing over twenty-five years of information technology experience in the healthcare and financial services industries. For over the past decade, Tony has focused on information security within a leading Fortune 50 financial institution, providing the design of security reference architecture, development of information security policies, standards, and baselines, as well as the assessment and testing of emerging technologies. His experience includes managing large networking and messaging environments, assessing controls and establishing security requirements for large technology project implementations, driving change through leading an information security center of excellence, and influencing key technology and business stakeholders at all levels. Most recently, Tony led a penetration team that augmented the IT Audit program, providing a threat-based perspective to the standard general controls audit review process. For many years, Tony has had a keen interest in mobile security, specifically with mobile devices within a corporate environment, and is the project lead for the MobiSec Live Environment.