OWASP AppSec DC 2012/Software Security Goes Mobile

The Presentation
Mobile devices and the security risks introduced by the software that runs them are proliferating, especially with the open and fragmented Android ecosystem. This talk scrutinizes challenges faced in securing mobile apps, and contrasts them with legacy and more mature software security initiatives. We discuss how consumerization confounds security efforts, how the mobile app lifecycle makes risk a hot potato, and finish with the top mobile threats and how to avoid them. Jacob West is Director, Software Security Research for the Enterprise Security Products division of Hewlett-Packard. West is a world-recognized expert on software security and brings a technical understanding of the languages and frameworks used to build software together with extensive knowledge about how real-world systems fail. In 2007, he co-authored the book "Secure Programming with Static Analysis" with colleague and Fortify founder Brian Chess. Today, the book remains the only comprehensive guide to static analysis and how developers can use it to avoid the most prevalent and dangerous vulnerabilities in code. West is a frequent speaker at industry events, including RSA Conference, Black Hat, Defcon, OWASP, and many others. A graduate of the University of California, Berkeley, West holds dual-degrees in Computer Science and French and resides in San Francisco, California.