Description
Mobile devices are everywhere in the enterprise—but they are still frequently out of scope for security testing. That blind spot creates real risk.
Modern mobile platforms introduce a wide range of attack surfaces, from phishing and malicious applications to vulnerabilities that allow silent device compromise. Once compromised, mobile devices can act as pivot points into internal networks and sensitive corporate systems, bypassing many traditional security controls.
In this talk, I will walk through the current mobile threat landscape and show how to bring mobile devices and enterprise mobility solutions into scope for meaningful security testing. We will look at common attack vectors, including mobile phishing, malicious applications, and device-level exploitation, as well as how attackers can use compromised devices to move further into enterprise environments.
I will also cover practical approaches to testing mobile security using freely available tools, along with an evaluation of enterprise mobile security solutions such as MDM, MTD, and MAM. Attendees will leave with concrete techniques they can apply in their own environments, as well as a clearer understanding of where existing defenses succeed—and where they fall short.
Optional: Speaker / convener biography
Georgia Weidman is a cybersecurity researcher, entrepreneur, and author with over 15 years of experience in offensive security. She is the founder of Bulb Security, a penetration testing firm, and Shevirah, a mobile security startup.
She is the author of Penetration Testing: A Hands-On Introduction to Hacking and has conducted DARPA-funded research in smartphone exploitation. Her work has been featured in outlets including ABC, BBC, The New York Times and Reuters.
Georgia has spoken and taught at venues including Black Hat, DEF CON, and RSA Conference, and enjoys sharing practical security knowledge with the broader community.
| Length | 45 minutes |
|---|