Veracode Discusses Mobile Security at Black Hat USA 2012
LAS VEGAS, July 25, 2012 /PRNewswire/ — Black Hat USA 2012, Booth 229 — Veracode, Inc., the leader in cloud-based application security testing, today announced that three members of its senior team will discuss how to remediate flaws and develop secure code for mobile applications at Black Hat USA 2012, booth 229.
Christien Rioux, Co-founder and Chief Scientist, Veracode
Andrew Reiter, Security Researcher, Veracode
Zach Lanier, Security Researcher, Veracode
Why: Enterprises are driven more than ever by the need to develop sophisticated custom mobile applications to empower workforce mobility in the bring-your-own-device (BYOD) era. However, as enterprise mobile apps start to transact with business-critical operations and access sensitive data, they expand the potential threat landscape for enterprises. Veracode will discuss how developers can gain visibility into security and privacy risks across both internally developed and third-party mobile apps during its two sessions at the conference:
- “Lessons of Binary Analysis” (Thursday, July 26, 10:15 a.m.) – In this workshop, Christien Rioux, co-founder and chief scientist of Veracode, will discuss how static binary analysis works, how C++ language elements are automatically transformed, and will give a high-level overview of how machines analyze code for security flaws.
- “Mapping and Evolution of Android Permissions” (Thursday, July 26, 2:15 p.m.) – Andrew Reiter and Zach Lanier, security researchers at Veracode, will discuss the Android Open Source Project. Both Reiter’s and Lanier’s methodology for building an Android API permission map and the evolution of the map will be reviewed, as well as how the permission requirements relate to application security.
For more details about Veracode’s presence at Black Hat USA 2012 visit www.veracode.com/blackhat.
Veracode is the only independent provider of cloud-based application intelligence and security verification services. The Veracode platform provides the fastest, most comprehensive solution to improve the security of internally developed, purchased or outsourced software applications and third-party components. By combining patented static, dynamic and manual testing, extensive eLearning capabilities, and advanced application analytics, Veracode enables scalable, policy-driven application risk management programs that help identify and eradicate numerous vulnerabilities by leveraging best-in-class technologies from vulnerability scanning to penetration testing and static code analysis. Veracode delivers unbiased proof of application security to stakeholders across the software supply chain while supporting independent audit and compliance requirements for all applications no matter how they are deployed, via the web, mobile or in the cloud. Veracode works with customers in more than 80 countries worldwide representing Global 2000 brands. For more information, visit www.veracode.com, follow on Twitter: @Veracode or read the Veracode Blog.