Offensive Mobile Forensics presented at OWASP BASC 2012

by Joey Peloquin,

Tags: Security

Summary : The number one threat to mobile devices and applications is loss or theft of the device. The old security mantra of, "if an attacker has physical access, it is game over" is more relevant to mobile devices than virtually any other technology security practitioners have been tasked with securing. For this reason it is imperative for organizations to clearly understand their risk when deploying or supporting these devices.
Learning Objectives
Discover and explore physical locations on Apple iOS devices where sensitive information is commonly stored. Discover and explore physical locations on Google Android devices where sensitive information is commonly stored. Learn to mitigate risks through effective use of Mobile Device Management ("MDM") technology, device configuration, policy, and secure development.
Why choose this talk?
According to my research, I coined the term "offensive mobile forensics". By definition, this activity is the preemptive analysis of mobile devices and applications to quantitatively measure your organization\'s level of risk caused by the proliferation and use of today\'s mobile technology. Anyone that has performed research in this area knows mobile devices are potential trojan horses for virtually every organization. This talk arms attendees with the information and tools required to conductoffensive mobile forensics in their own environments.