BSidesLV has ended
Thank you for joining us for our 5th Anniversary celebration! We certainly hope you enjoy the conference. Here’s to Education, Collaboration, and Community!

Remember, we don’t take ourselves too seriously and you shouldn’t, either! To quote the old motto of another collaborative community, "We trick into learning with a laugh".

We wish you both laughter and learning - and lots of both!

-= Team BSidesLV 
Wednesday, August 6 • 11:00 - 12:00
Bring your own Risky Apps

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

BYOD is a cute and harmless-sounding acronym for a trend that is in reality introducing exponentially more risk to end-users and organizations. The common refrain is to seek out and secure your smartphones and tablets from malware and other malicious software which can wreck havoc on a device and completely ruin its integrity. However, BYOD is about more than just introducing hardware; it also brings the issue of BYOApps. Layers of protection covering both the device operating system as well as the apps running on it is required to have a comprehensive solution to combat this problem, which is actually deeper than it seems.

In this co-hosted 45 minute presentation, we will present several real-world case studies of:

- How easy it is to App side-jack to gain root (Jailbreak)
- How a popular app like Flappy Bird can be trojan-ized to defeat two factor authentication.

While the industry loves to talk about sexy malware exploit scenarios, few are exploring the risks that BYOD and BYOApps are introducing, by bringing apps that are hungry for user/private data into the workplace.

Does a flashlight app really need access to a corporate address book or calendar? Should a doc-signing app transmit passwords in clear-text? Should a productivity app have access to corporate email attachments and be able to store them to DropBox? As we scratch beneath the surface, the real security issue is deeper rooted in policy decisions that now must be made on which app behaviors should be allowed in an enterprise environment.

BYOD has really become BYOApps, bringing with it a new layer of complexity with risks outside of obvious issues like malware. Organizations must make policy decisions about behaviors in apps and look for ways to enforce customized policy. A new approach defines the future of how mobile threats will need to be addressed in an automated and scalable way.

avatar for Domingo Guerra

Domingo Guerra

President & Founder, Appthority
Domingo Guerra is the President and Co-founder of Appthority. Domingo was born and raised in Monterrey, Mexico, and moved to the United States at age 18 to pursue his passion for technology. Domingo is a weekly contributor to the Appthority App Security blog and authors Appthority's... Read More →
avatar for Michael Raggo

Michael Raggo

Director, Security Research, MobileIron, Inc.
Michael T. Raggo, Director of Security Research, MobileIron, Inc. has over 20 years of security research experience. His current focus is threats and countermeasures for the mobile enterprise. Michael is the author of “Mobile Data Loss: Threats & Countermeasures” and “Data Hiding... Read More →

Wednesday August 6, 2014 11:00 - 12:00 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

Attendees (0)