Secure Coding for Android Platform Training

Secure Coding for Android Platform Training


Secure Coding for Android Platform Training Course Description

Secure Coding for Android Platform Training 3-day Intense Course provides an in-depth review of Android security technology and services and common vulnerabilities related to Android native code and Java. Hands-on exercises offer a practical way of analyzing vulnerabilities attack, and mitigation techniques.

Secure Coding for Android Platform Training Course gives a comprehensive overview of these features putting an equal emphasis on both native code issues and Java security, allowing a deeper analysis of the vulnerabilities, attacks, protection techniques and counter attacks in three days.

Secure Coding for Android Platform TrainingRelated Courses:

Duration:3 days

Skills Gained:

• Understand basic concepts of security, IT security and secure coding
• Learn the security solutions on Android
• Learn to use various security features of the Android platform
• Get information about some recent vulnerabilities in Java on Android
• Get understanding on native code vulnerabilities on Android
• Learn about typical coding mistakes and how to avoid them
• Get practical knowledge in using security testing tools
• Get sources and further reading on secure coding practices

Customize It:

With onsite Training, courses can be scheduled on a date that is convenient for you, and because they can be scheduled at your location, you don’t incur travel costs and students won’t be away from home. Onsite classes can also be tailored to meet your needs. You might shorten a 5-day class into a 3-day class, or combine portions of several related courses into a single course, or have the instructor vary the emphasis of topics depending on your staff’s and site’s requirements.

Course Content:

IT security and secure coding

o Nature of security
o IT security related terms
o Definition of risk
o IT security vs. secure coding
o From vulnerabilities to botnets and cybercrime
o Classification of security flaws

Android Security Overview

o Android fragmentation challenges
o The Android software stack
o OS security features and exploit mitigation techniques
o The Linux kernel
o Filesystem security
o Dalvik
o Deploying applications

Application Security

o Permissions
o Writing secure Android applications
o Protecting applications
o Digital Rights Management (DRM)
o Reverse engineering and debugging

Basics of Cryptography

o Cryptosystems
o Symmetric-key cryptography
o Other cryptographic algorithms
o Asymmetric (public-key) cryptography
o Public Key Infrastructure (PKI)
o Cryptography on Android

Android Native Code Security

o Buffer overflow possibilities in Android
o ARM architecture
o Buffer overflow on the stack
o Protection techniques – ASLR, XN, RELRO, …

Android and Java vulnerabilities

o Input validation
o SQL Injection
o Cross-Site Scripting (XSS)
o Improper use of security features
o Improper error and exception handling
o Code quality problems

Testing Android Code

o Testing Android code
o Android Lint o Android Lint – Security features
o Lint exercise
o PMD exercise
o FindBugs
o FindBugs exercise

Advice and Principles

o Matt Bishop’s principles of robust programming
o The security principles of Saltzer and Schroeder

Knowledge Sources

o Secure coding sources – a starter kit
o Vulnerability databases

Whether you are looking for general information or have a specific question, we want to help

Request More Information

    Time Frame: 0-3 Months4-12 Months

    Print Friendly, PDF & Email