mobile (in)security? @ mobile edge '14

Cláudio André / [email protected] /// Mobile (in)security ?

Upload: mobile-edge-event

Post on 11-Jul-2015


TRANSCRIPT

Page 1: Mobile (in)security? @ Mobile Edge '14

Cláudio André / [email protected]

/// Mobile (in)security ?

Page 2: Mobile (in)security? @ Mobile Edge '14

WHOAMI

•  Pentester at Integrity S.A.

•  Web applications, Mobile Applications and Infrastructure

•  BSc in Management Information Technology

•  Offensive Security Certified Professional

Page 3: Mobile (in)security? @ Mobile Edge '14

MOBILE EQUIPMENT

http://www.idc.com/prodserv/smartphone-os-market-share.jsp

301.3 million shipments 2014Q2

Page 4: Mobile (in)security? @ Mobile Edge '14

2014Q2 MARKETSHARE

•  Android: 84.7%
•  iOS: 11.7%
•  Windows Phone: 2.5%
•  BlackBerry OS: 0.5%
•  Others: 0.7%

http://www.idc.com/prodserv/smartphone-os-market-share.jsp

Page 5: Mobile (in)security? @ Mobile Edge '14

MOBILE PLATFORMS ON ENTERPRISE

BYOD & Mobile Security 2013 Survey, LinkedIn Information Security Group

Page 6: Mobile (in)security? @ Mobile Edge '14

ENTERPRISES' MAIN SECURITY CONCERNS

BYOD & Mobile Security 2013 Survey, LinkedIn Information Security Group

Page 7: Mobile (in)security? @ Mobile Edge '14

ENTERPRISES' MAIN SECURITY CONCERNS

I'm not a Hacker. Just a silly guy with a ski mask on. Don't know what I'm doing.

Page 8: Mobile (in)security? @ Mobile Edge '14

SECURITY HORROR STORIES 2014 (SO FAR...)

•  eBay - 145 million users and encrypted email address.
•  JP Morgan Chase - Customer information of 76 million households and 7 million businesses.
•  Home Depot - 56 million debit and credit cards.
•  Target - 40 million credit and debit cards.
•  Community Health Systems - Personal data of 4.5 million patients.

Page 9: Mobile (in)security? @ Mobile Edge '14

ATTACK VECTORS

Page 10: Mobile (in)security? @ Mobile Edge '14

ATTACK VECTORS

Device Network Server

Page 11: Mobile (in)security? @ Mobile Edge '14

ATTACK VECTORS

Device

•  Browser
•  System
•  Phone / SMS
•  Apps
•  Malware
•  ...

Page 12: Mobile (in)security? @ Mobile Edge '14

ATTACK VECTORS

Tech details in: http://security.claudio.pt

Page 13: Mobile (in)security? @ Mobile Edge '14

ATTACK VECTORS

Network

•  Packet Sniffing
•  Man-In-The-Middle (MITM)
•  Rogue Access Point
•  ...

Page 14: Mobile (in)security? @ Mobile Edge '14

ATTACK VECTORS

Server

•  Brute Force Attacks
•  SQL Injections
•  OS Command Execution
•  ...

Page 15: Mobile (in)security? @ Mobile Edge '14

A WAY TO...

Mobile Device Management; Mobile Application Management; Endpoint Security Tools; Network Access Control (NAC); Endpoint Malware Protections; ...

Page 16: Mobile (in)security? @ Mobile Edge '14

MOBILE DEVICE MANAGEMENT

-  Focus on the Device
-  Provisioning
-  Security Policies Enforcement
-  Reporting and Monitoring
-  Software Distribution

Page 17: Mobile (in)security? @ Mobile Edge '14

MOBILE APPLICATION MANAGEMENT

-  Focus on the Applications
-  Same as previous but applied to the applications.
-  Corporate App Store (wrapping)

Page 18: Mobile (in)security? @ Mobile Edge '14

WHICH ONE TO CHOOSE ?

-  Depends on your objectives
-  Mixed solution

Page 19: Mobile (in)security? @ Mobile Edge '14

NOT ONLY *WARE APPROACH

-  Defense-In-Depth
-  Raise User Awareness
-  Secure Development Best Practices (OWASP)
-  Threat Modeling
-  Continuous Penetration Testing

Page 20: Mobile (in)security? @ Mobile Edge '14

Thank you.