SlideShare a Scribd company logo

Mobile APP Security Solutions from SecNeo

Download as PPTX, PDF
Jay Li
Jay Li

2015: The latest Android App Security Solution to protect your Android App. This solution has been tested for past 2 years in Android world and wide adopted by banks, Lottery and gaming industry.

Technology
1 of 19
Sales Contact: Jayson.Li@secneo.com or Nicole.Ban@secneo.com Dedicate to Mobile APP Security By Jayson Li 2014-11-25 www.secneo.com
About BANGCLE By Oct. 2014: 240,000 Android Apps 30,000 Mobile Developers 300,000,000 Smartphones 2010-5 series A round from IDG 2014-5 series C round from SIG  Certified Mobile Firewall Product Vendor in China  IEEE ICSG member  Member of ANVA  Certified Android App Security Vendor in China 2013-4 series B round from IDG、Redpoint
【Running Env. Security】 VMware 【App Security】 BANGCLE 【Device Security】 Symantec, MacAfee, Kaspersky
Change paid to free App Malicious App payment creation Virus injection Remove/bypass security setting App Repack Plugin illegal Ads Remove Ads Illegal App localization
Evaluation AppShield App Release App Monitor App Management Statistic/BI Before releasing security evaluation and shielding APP Distribution Management Programming Security Source Code Protection Fishing App Monitoring App Management •Data collection •Environment monitor •Security Early Warning •Message Pushing Penetration Report Code Auditing Report App Distribution Report Competitor Report Piracy Monitoring App Monitor/Early warning Assist to upload to download sites Pirated/fishing App Removing Data Security Environment Security Business Security Storage Protection Data Protection Protocol Protection Environment Monitoring
Source Code Audit (White-box) App Penetration Service (Black-Box)
 Symmetric Encryption  White-box cryptography + AES technology  USA federal government standard  IBM, Arxan, InterTrust etc
Hack Technology Current Solution on Android Platform Bangcle Defend Best Practices on Android Reverse Engineering  Code obfuscation  Code Encryption Anti Reverse Engineering  App Integrity Check Anti tampering Debugging N/A  Anti-Debugging Low level trap detection Memory monitoring and detection  Self Protection Reactivate when App is compromised Illegal Data Copy  Encrypt key can be easy found by disassemble Apk  Transparent Strong Encryption Combined with code encryption Encrypt key secured by white-box technology  Bind IMEI with Encrypt key Prevent data file being copied out
Mobile App Game Developers Black-Box Mobile Banking App Developers Cloud USA 5 – 10 Minutes No code change needed Upload App Cloud Shielding (5-10 minutes) Download App Sign Apps -> Test -> Release
V0.5 Code Obfuscation VS. JAVA Class Loader Competitors VS. JAVA VM VS. CPU VIM SO Protection Local Data Protection Unity Script Protection VS. BANGCLE
Crawlers Data Analysis Data Storage App Similarity Analysis Engine Report Generator APK 310 Download site Information App Distribution Monitor Report Web
Secured Soft Keyboard SDK Anti-Game Cheats SDK
Question 1 : What are AppShield impact to App performance and compatibility? Answer: Result from over 30,000 App and 150 different smartphones in China, USA, EU, Japan, Korea, HK, TW  Apk size increased 800k - 2000k depend on App and security levels  CPU usage increase 2% ~ 8%  Memory usage increase 4% ~ 10%  APP start up time increase 0.1s ~ 0.9s  No compatibility issue for majority brand cellphones  Support ARM, x86
Question 2 : How long it will take us to shield an App? Answer: Within 15 minutes. However, normal processing time is less than 10 minutes include virus scan service Question 3 : Can you secure Apk SO, log, audio and other resource files ? Answer: Yes. We can manually encrypt them Question 4: How can we try it? Answer: Yes. You can try a non commercial version Appshield in www.secneo.com or send your request to Jayson.li@secneo.com for a banking grade security product and service.
 You spend millions on App security but still got hacked  Your App has many users but few paying  You spend more money on security issue than paying third party professionals  Your developers spend more time on security than writing codes  Your QA spending over 15% testing time on App security  You have to give up a million-dollars game design because of game security control problem  When you choose game engines, security is the top concern  Your developers think they can defeat Hackers
THANK YOU Sales Contact: Jayson.Li@secneo.com or Nicole.Ban@secneo.com www.secneo.com

Recommended

Automated Security Analysis of Android & iOS Applications with Mobile Securit...
Automated Security Analysis of Android & iOS Applications with Mobile Securit...Automated Security Analysis of Android & iOS Applications with Mobile Securit...
Automated Security Analysis of Android & iOS Applications with Mobile Securit...Ajin Abraham
 
API Abuse - The Anatomy of An Attack
API Abuse - The Anatomy of An AttackAPI Abuse - The Anatomy of An Attack
API Abuse - The Anatomy of An AttackNordic APIs
 
Mobile application security
Mobile application securityMobile application security
Mobile application securityShubhneet Goel
 
Mobile_app_security
Mobile_app_securityMobile_app_security
Mobile_app_securityHassan El Hadary
 
G4H Webcast: Automated Security Analysis of Mobile Applications with Mobile S...
G4H Webcast: Automated Security Analysis of Mobile Applications with Mobile S...G4H Webcast: Automated Security Analysis of Mobile Applications with Mobile S...
G4H Webcast: Automated Security Analysis of Mobile Applications with Mobile S...Ajin Abraham
 
AppSec EU 2016: Automated Mobile Application Security Assessment with MobSF
AppSec EU 2016: Automated Mobile Application Security Assessment with MobSFAppSec EU 2016: Automated Mobile Application Security Assessment with MobSF
AppSec EU 2016: Automated Mobile Application Security Assessment with MobSFAjin Abraham
 
Penetrating Android Aapplications
Penetrating Android AapplicationsPenetrating Android Aapplications
Penetrating Android AapplicationsRoshan Thomas
 
Mobile App Security Testing -2
Mobile App Security Testing -2Mobile App Security Testing -2
Mobile App Security Testing -2Krisshhna Daasaarii
 

Recommended

Automated Security Analysis of Android & iOS Applications with Mobile Securit...
Automated Security Analysis of Android & iOS Applications with Mobile Securit...Automated Security Analysis of Android & iOS Applications with Mobile Securit...
Automated Security Analysis of Android & iOS Applications with Mobile Securit...Ajin Abraham
 
API Abuse - The Anatomy of An Attack
API Abuse - The Anatomy of An AttackAPI Abuse - The Anatomy of An Attack
API Abuse - The Anatomy of An AttackNordic APIs
 
Mobile application security
Mobile application securityMobile application security
Mobile application securityShubhneet Goel
 
Mobile_app_security
Mobile_app_securityMobile_app_security
Mobile_app_securityHassan El Hadary
 
G4H Webcast: Automated Security Analysis of Mobile Applications with Mobile S...
G4H Webcast: Automated Security Analysis of Mobile Applications with Mobile S...G4H Webcast: Automated Security Analysis of Mobile Applications with Mobile S...
G4H Webcast: Automated Security Analysis of Mobile Applications with Mobile S...Ajin Abraham
 
AppSec EU 2016: Automated Mobile Application Security Assessment with MobSF
AppSec EU 2016: Automated Mobile Application Security Assessment with MobSFAppSec EU 2016: Automated Mobile Application Security Assessment with MobSF
AppSec EU 2016: Automated Mobile Application Security Assessment with MobSFAjin Abraham
 
Penetrating Android Aapplications
Penetrating Android AapplicationsPenetrating Android Aapplications
Penetrating Android AapplicationsRoshan Thomas
 
Mobile App Security Testing -2
Mobile App Security Testing -2Mobile App Security Testing -2
Mobile App Security Testing -2Krisshhna Daasaarii
 
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...Ajin Abraham
 
Mobile Apps Security Testing -3
Mobile Apps Security Testing -3Mobile Apps Security Testing -3
Mobile Apps Security Testing -3Krisshhna Daasaarii
 
Secure Android Apps- nVisium Security
Secure Android Apps- nVisium SecuritySecure Android Apps- nVisium Security
Secure Android Apps- nVisium SecurityJack Mannino
 
Reducing Risk of Credential Compromise at Netflix
Reducing Risk of Credential Compromise at NetflixReducing Risk of Credential Compromise at Netflix
Reducing Risk of Credential Compromise at NetflixSBWebinars
 
Challenges in Testing Mobile App Security
Challenges in Testing Mobile App SecurityChallenges in Testing Mobile App Security
Challenges in Testing Mobile App SecurityCygnet Infotech
 
Security testing in mobile applications
Security testing in mobile applicationsSecurity testing in mobile applications
Security testing in mobile applicationsJose Manuel Ortega Candel
 
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.com
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.comMobile Application Security Testing, Testing for Mobility App | www.idexcel.com
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.comIdexcel Technologies
 
Dynamic Security Analysis & Static Security Analysis for Android Apps.
Dynamic Security Analysis & Static Security Analysis for Android Apps.Dynamic Security Analysis & Static Security Analysis for Android Apps.
Dynamic Security Analysis & Static Security Analysis for Android Apps.VodqaBLR
 
The curious case of mobile app security.pptx
The curious case of mobile app security.pptxThe curious case of mobile app security.pptx
The curious case of mobile app security.pptxAnkit Giri
 
Pentesting Android Applications
Pentesting Android ApplicationsPentesting Android Applications
Pentesting Android ApplicationsCláudio André
 
SPI Dynamics web application security 101
SPI Dynamics web application security 101 SPI Dynamics web application security 101
SPI Dynamics web application security 101 Wade Malone
 
Stephanie Vanroelen - Mobile Anti-Virus apps exposed
Stephanie Vanroelen - Mobile Anti-Virus apps exposedStephanie Vanroelen - Mobile Anti-Virus apps exposed
Stephanie Vanroelen - Mobile Anti-Virus apps exposedNoNameCon
 
API Security with Postman and Qualys
API Security with Postman and QualysAPI Security with Postman and Qualys
API Security with Postman and QualysPostman
 
Bangcle en-game
Bangcle en-gameBangcle en-game
Bangcle en-gameJay Li
 
Qark DefCon 23
Qark DefCon 23Qark DefCon 23
Qark DefCon 23☠Tony Trummer☠
 
Andriod Pentesting and Malware Analysis
Andriod Pentesting and Malware AnalysisAndriod Pentesting and Malware Analysis
Andriod Pentesting and Malware Analysisn|u - The Open Security Community
 
Apteligent - Choosing the Right SDKs to Optimize App Performance
Apteligent - Choosing the Right SDKs to Optimize App PerformanceApteligent - Choosing the Right SDKs to Optimize App Performance
Apteligent - Choosing the Right SDKs to Optimize App PerformanceApteligent
 
Why 'positive security' is a software security game changer
Why 'positive security' is a software security game changerWhy 'positive security' is a software security game changer
Why 'positive security' is a software security game changerJaap Karan Singh
 
Mobile application security Guidelines
Mobile application security GuidelinesMobile application security Guidelines
Mobile application security GuidelinesEntersoft Security
 
Discovering the Value of Verifying Web Application Security Using IBM Rationa...
Discovering the Value of Verifying Web Application Security Using IBM Rationa...Discovering the Value of Verifying Web Application Security Using IBM Rationa...
Discovering the Value of Verifying Web Application Security Using IBM Rationa...Alan Kan
 
Student 1
Student 1Student 1
Student 1alvaro100500
 
Irregular verbs.
Irregular verbs.Irregular verbs.
Irregular verbs.Juan Diego Betanzos Valencia
 

More Related Content

What's hot

Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...Ajin Abraham
 
Secure Android Apps- nVisium Security
Secure Android Apps- nVisium SecuritySecure Android Apps- nVisium Security
Secure Android Apps- nVisium SecurityJack Mannino
 
Reducing Risk of Credential Compromise at Netflix
Reducing Risk of Credential Compromise at NetflixReducing Risk of Credential Compromise at Netflix
Reducing Risk of Credential Compromise at NetflixSBWebinars
 
Challenges in Testing Mobile App Security
Challenges in Testing Mobile App SecurityChallenges in Testing Mobile App Security
Challenges in Testing Mobile App SecurityCygnet Infotech
 
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.com
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.comMobile Application Security Testing, Testing for Mobility App | www.idexcel.com
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.comIdexcel Technologies
 
Dynamic Security Analysis & Static Security Analysis for Android Apps.
Dynamic Security Analysis & Static Security Analysis for Android Apps.Dynamic Security Analysis & Static Security Analysis for Android Apps.
Dynamic Security Analysis & Static Security Analysis for Android Apps.VodqaBLR
 
The curious case of mobile app security.pptx
The curious case of mobile app security.pptxThe curious case of mobile app security.pptx
The curious case of mobile app security.pptxAnkit Giri
 
Pentesting Android Applications
Pentesting Android ApplicationsPentesting Android Applications
Pentesting Android ApplicationsCláudio André
 
SPI Dynamics web application security 101
SPI Dynamics web application security 101 SPI Dynamics web application security 101
SPI Dynamics web application security 101 Wade Malone
 
Stephanie Vanroelen - Mobile Anti-Virus apps exposed
Stephanie Vanroelen - Mobile Anti-Virus apps exposedStephanie Vanroelen - Mobile Anti-Virus apps exposed
Stephanie Vanroelen - Mobile Anti-Virus apps exposedNoNameCon
 
API Security with Postman and Qualys
API Security with Postman and QualysAPI Security with Postman and Qualys
API Security with Postman and QualysPostman
 
Bangcle en-game
Bangcle en-gameBangcle en-game
Bangcle en-gameJay Li
 
Apteligent - Choosing the Right SDKs to Optimize App Performance
Apteligent - Choosing the Right SDKs to Optimize App PerformanceApteligent - Choosing the Right SDKs to Optimize App Performance
Apteligent - Choosing the Right SDKs to Optimize App PerformanceApteligent
 
Why 'positive security' is a software security game changer
Why 'positive security' is a software security game changerWhy 'positive security' is a software security game changer
Why 'positive security' is a software security game changerJaap Karan Singh
 
Mobile application security Guidelines
Mobile application security GuidelinesMobile application security Guidelines
Mobile application security GuidelinesEntersoft Security
 
Discovering the Value of Verifying Web Application Security Using IBM Rationa...
Discovering the Value of Verifying Web Application Security Using IBM Rationa...Discovering the Value of Verifying Web Application Security Using IBM Rationa...
Discovering the Value of Verifying Web Application Security Using IBM Rationa...Alan Kan
 

What's hot (20)

Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
 
Mobile Apps Security Testing -3
Mobile Apps Security Testing -3Mobile Apps Security Testing -3
Mobile Apps Security Testing -3
 
Secure Android Apps- nVisium Security
Secure Android Apps- nVisium SecuritySecure Android Apps- nVisium Security
Secure Android Apps- nVisium Security
 
Reducing Risk of Credential Compromise at Netflix
Reducing Risk of Credential Compromise at NetflixReducing Risk of Credential Compromise at Netflix
Reducing Risk of Credential Compromise at Netflix
 
Challenges in Testing Mobile App Security
Challenges in Testing Mobile App SecurityChallenges in Testing Mobile App Security
Challenges in Testing Mobile App Security
 
Security testing in mobile applications
Security testing in mobile applicationsSecurity testing in mobile applications
Security testing in mobile applications
 
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.com
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.comMobile Application Security Testing, Testing for Mobility App | www.idexcel.com
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.com
 
Dynamic Security Analysis & Static Security Analysis for Android Apps.
Dynamic Security Analysis & Static Security Analysis for Android Apps.Dynamic Security Analysis & Static Security Analysis for Android Apps.
Dynamic Security Analysis & Static Security Analysis for Android Apps.
 
The curious case of mobile app security.pptx
The curious case of mobile app security.pptxThe curious case of mobile app security.pptx
The curious case of mobile app security.pptx
 
Pentesting Android Applications
Pentesting Android ApplicationsPentesting Android Applications
Pentesting Android Applications
 
SPI Dynamics web application security 101
SPI Dynamics web application security 101 SPI Dynamics web application security 101
SPI Dynamics web application security 101
 
Stephanie Vanroelen - Mobile Anti-Virus apps exposed
Stephanie Vanroelen - Mobile Anti-Virus apps exposedStephanie Vanroelen - Mobile Anti-Virus apps exposed
Stephanie Vanroelen - Mobile Anti-Virus apps exposed
 
API Security with Postman and Qualys
API Security with Postman and QualysAPI Security with Postman and Qualys
API Security with Postman and Qualys
 
Bangcle en-game
Bangcle en-gameBangcle en-game
Bangcle en-game
 
Qark DefCon 23
Qark DefCon 23Qark DefCon 23
Qark DefCon 23
 
Andriod Pentesting and Malware Analysis
Andriod Pentesting and Malware AnalysisAndriod Pentesting and Malware Analysis
Andriod Pentesting and Malware Analysis
 
Apteligent - Choosing the Right SDKs to Optimize App Performance
Apteligent - Choosing the Right SDKs to Optimize App PerformanceApteligent - Choosing the Right SDKs to Optimize App Performance
Apteligent - Choosing the Right SDKs to Optimize App Performance
 
Why 'positive security' is a software security game changer
Why 'positive security' is a software security game changerWhy 'positive security' is a software security game changer
Why 'positive security' is a software security game changer
 
Mobile application security Guidelines
Mobile application security GuidelinesMobile application security Guidelines
Mobile application security Guidelines
 
Discovering the Value of Verifying Web Application Security Using IBM Rationa...
Discovering the Value of Verifying Web Application Security Using IBM Rationa...Discovering the Value of Verifying Web Application Security Using IBM Rationa...
Discovering the Value of Verifying Web Application Security Using IBM Rationa...
 

Viewers also liked

How cocoapods can enhance your iOS development - Amir Hayek, Toluna
How cocoapods can enhance your iOS development - Amir Hayek, TolunaHow cocoapods can enhance your iOS development - Amir Hayek, Toluna
How cocoapods can enhance your iOS development - Amir Hayek, TolunaCodemotion Tel Aviv
 
Stars Wars - A Business Analysis Report on the Amaya Online Poker Crisis
Stars Wars - A Business Analysis Report on the Amaya Online Poker CrisisStars Wars - A Business Analysis Report on the Amaya Online Poker Crisis
Stars Wars - A Business Analysis Report on the Amaya Online Poker CrisisLuke Slisz
 
Шоколадная дорога
Шоколадная дорогаШоколадная дорога
Шоколадная дорогаgexarvest
 
Digipak making process
Digipak making processDigipak making process
Digipak making processdanielaab17
 
South America Digital Media Marketing 2014- Key Trends & Statistics
South America Digital Media Marketing 2014- Key Trends & Statistics South America Digital Media Marketing 2014- Key Trends & Statistics
South America Digital Media Marketing 2014- Key Trends & Statistics RAD365 Media Inc
 
Abhilasha Kaushik - HR Executive
Abhilasha Kaushik - HR Executive Abhilasha Kaushik - HR Executive
Abhilasha Kaushik - HR Executive ABHILASHA KAUSHIK
 
Chessboard Puzzles Part 4 - Other Surfaces and Variations
Chessboard Puzzles Part 4 - Other Surfaces and VariationsChessboard Puzzles Part 4 - Other Surfaces and Variations
Chessboard Puzzles Part 4 - Other Surfaces and VariationsDan Freeman
 

Viewers also liked (14)

Student 1
Student 1Student 1
Student 1
 
Irregular verbs.
Irregular verbs.Irregular verbs.
Irregular verbs.
 
How cocoapods can enhance your iOS development - Amir Hayek, Toluna
How cocoapods can enhance your iOS development - Amir Hayek, TolunaHow cocoapods can enhance your iOS development - Amir Hayek, Toluna
How cocoapods can enhance your iOS development - Amir Hayek, Toluna
 
Stars Wars - A Business Analysis Report on the Amaya Online Poker Crisis
Stars Wars - A Business Analysis Report on the Amaya Online Poker CrisisStars Wars - A Business Analysis Report on the Amaya Online Poker Crisis
Stars Wars - A Business Analysis Report on the Amaya Online Poker Crisis
 
Шоколадная дорога
Шоколадная дорогаШоколадная дорога
Шоколадная дорога
 
Comercialització de Cosmètics als EEUU
Comercialització de Cosmètics als EEUUComercialització de Cosmètics als EEUU
Comercialització de Cosmètics als EEUU
 
SLIDESHARE
SLIDESHARESLIDESHARE
SLIDESHARE
 
FFBL 26-11-14
FFBL 26-11-14FFBL 26-11-14
FFBL 26-11-14
 
Digipak making process
Digipak making processDigipak making process
Digipak making process
 
South America Digital Media Marketing 2014- Key Trends & Statistics
South America Digital Media Marketing 2014- Key Trends & Statistics South America Digital Media Marketing 2014- Key Trends & Statistics
South America Digital Media Marketing 2014- Key Trends & Statistics
 
Resume PM
Resume PMResume PM
Resume PM
 
C.V (1)
C.V (1)C.V (1)
C.V (1)
 
Abhilasha Kaushik - HR Executive
Abhilasha Kaushik - HR Executive Abhilasha Kaushik - HR Executive
Abhilasha Kaushik - HR Executive
 
Chessboard Puzzles Part 4 - Other Surfaces and Variations
Chessboard Puzzles Part 4 - Other Surfaces and VariationsChessboard Puzzles Part 4 - Other Surfaces and Variations
Chessboard Puzzles Part 4 - Other Surfaces and Variations
 

Similar to Mobile APP Security Solutions from SecNeo

Securing Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest VersionSecuring Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest VersionSubho Halder
 
Android security - an enterprise perspective
Android security - an enterprise perspectiveAndroid security - an enterprise perspective
Android security - an enterprise perspectivePietro F. Maggi
 
Android App Development - Factors to be Considered Before Outsourcing
Android App Development - Factors to be Considered Before OutsourcingAndroid App Development - Factors to be Considered Before Outsourcing
Android App Development - Factors to be Considered Before OutsourcingSara Suarez
 
OWASP Mobile Security: Top 10 Risks for 2017
OWASP Mobile Security: Top 10 Risks for 2017OWASP Mobile Security: Top 10 Risks for 2017
OWASP Mobile Security: Top 10 Risks for 2017TecsyntSolutions
 
Web Application Security - Everything You Should Know
Web Application Security - Everything You Should KnowWeb Application Security - Everything You Should Know
Web Application Security - Everything You Should KnowNarola Infotech
 
Introduction to Secure Coding Checker
Introduction to Secure Coding Checker Introduction to Secure Coding Checker
Introduction to Secure Coding Checker Yoshinori Iwano
 
2018 android-security-udacity-morrison chang
2018 android-security-udacity-morrison chang2018 android-security-udacity-morrison chang
2018 android-security-udacity-morrison changmjchang
 
Unicom Conference - Mobile Application Security
Unicom Conference - Mobile Application SecurityUnicom Conference - Mobile Application Security
Unicom Conference - Mobile Application SecuritySubho Halder
 
Top Practices You Need To Develop Secure Mobile Apps.
Top Practices You Need To Develop Secure Mobile Apps.Top Practices You Need To Develop Secure Mobile Apps.
Top Practices You Need To Develop Secure Mobile Apps.Techugo
 
Tips of Mobile Application Security
Tips of Mobile Application SecurityTips of Mobile Application Security
Tips of Mobile Application SecurityMarie Weaver
 
Tips To Protect Your Mobile App from Hackers.pdf
Tips To Protect Your Mobile App from Hackers.pdfTips To Protect Your Mobile App from Hackers.pdf
Tips To Protect Your Mobile App from Hackers.pdfFuGenx Technologies
 
Appaloosa & AppDome: deploy & protect mobile applications
Appaloosa & AppDome: deploy & protect mobile applicationsAppaloosa & AppDome: deploy & protect mobile applications
Appaloosa & AppDome: deploy & protect mobile applicationsJulien Ott
 
How to Build Secure Mobile Apps.pdf
How to Build Secure Mobile Apps.pdfHow to Build Secure Mobile Apps.pdf
How to Build Secure Mobile Apps.pdfvenkatprasadvadla1
 
Appknox Enterprise Offerings
Appknox Enterprise OfferingsAppknox Enterprise Offerings
Appknox Enterprise OfferingsAppknox
 
六合彩香港-六合彩
六合彩香港-六合彩六合彩香港-六合彩
六合彩香港-六合彩baoyin
 
7 Steps to Boosting Your App Security in 2022
7 Steps to Boosting Your App Security in 20227 Steps to Boosting Your App Security in 2022
7 Steps to Boosting Your App Security in 2022Cerebrum Infotech
 
How Healthcare CISOs Can Secure Mobile Devices
How Healthcare CISOs Can Secure Mobile DevicesHow Healthcare CISOs Can Secure Mobile Devices
How Healthcare CISOs Can Secure Mobile DevicesSkycure
 
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptxEmphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptxlior mazor
 
Web Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging ThreatsWeb Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging ThreatsAlan Kan
 
apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...
apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...
apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...apidays
 

Similar to Mobile APP Security Solutions from SecNeo (20)

Securing Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest VersionSecuring Mobile Apps - Appfest Version
Securing Mobile Apps - Appfest Version
 
Android security - an enterprise perspective
Android security - an enterprise perspectiveAndroid security - an enterprise perspective
Android security - an enterprise perspective
 
Android App Development - Factors to be Considered Before Outsourcing
Android App Development - Factors to be Considered Before OutsourcingAndroid App Development - Factors to be Considered Before Outsourcing
Android App Development - Factors to be Considered Before Outsourcing
 
OWASP Mobile Security: Top 10 Risks for 2017
OWASP Mobile Security: Top 10 Risks for 2017OWASP Mobile Security: Top 10 Risks for 2017
OWASP Mobile Security: Top 10 Risks for 2017
 
Web Application Security - Everything You Should Know
Web Application Security - Everything You Should KnowWeb Application Security - Everything You Should Know
Web Application Security - Everything You Should Know
 
Introduction to Secure Coding Checker
Introduction to Secure Coding Checker Introduction to Secure Coding Checker
Introduction to Secure Coding Checker
 
2018 android-security-udacity-morrison chang
2018 android-security-udacity-morrison chang2018 android-security-udacity-morrison chang
2018 android-security-udacity-morrison chang
 
Unicom Conference - Mobile Application Security
Unicom Conference - Mobile Application SecurityUnicom Conference - Mobile Application Security
Unicom Conference - Mobile Application Security
 
Top Practices You Need To Develop Secure Mobile Apps.
Top Practices You Need To Develop Secure Mobile Apps.Top Practices You Need To Develop Secure Mobile Apps.
Top Practices You Need To Develop Secure Mobile Apps.
 
Tips of Mobile Application Security
Tips of Mobile Application SecurityTips of Mobile Application Security
Tips of Mobile Application Security
 
Tips To Protect Your Mobile App from Hackers.pdf
Tips To Protect Your Mobile App from Hackers.pdfTips To Protect Your Mobile App from Hackers.pdf
Tips To Protect Your Mobile App from Hackers.pdf
 
Appaloosa & AppDome: deploy & protect mobile applications
Appaloosa & AppDome: deploy & protect mobile applicationsAppaloosa & AppDome: deploy & protect mobile applications
Appaloosa & AppDome: deploy & protect mobile applications
 
How to Build Secure Mobile Apps.pdf
How to Build Secure Mobile Apps.pdfHow to Build Secure Mobile Apps.pdf
How to Build Secure Mobile Apps.pdf
 
Appknox Enterprise Offerings
Appknox Enterprise OfferingsAppknox Enterprise Offerings
Appknox Enterprise Offerings
 
六合彩香港-六合彩
六合彩香港-六合彩六合彩香港-六合彩
六合彩香港-六合彩
 
7 Steps to Boosting Your App Security in 2022
7 Steps to Boosting Your App Security in 20227 Steps to Boosting Your App Security in 2022
7 Steps to Boosting Your App Security in 2022
 
How Healthcare CISOs Can Secure Mobile Devices
How Healthcare CISOs Can Secure Mobile DevicesHow Healthcare CISOs Can Secure Mobile Devices
How Healthcare CISOs Can Secure Mobile Devices
 
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptxEmphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
 
Web Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging ThreatsWeb Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging Threats
 
apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...
apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...
apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...
 

Recently uploaded

Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 

Recently uploaded (20)

Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 

Mobile APP Security Solutions from SecNeo

  • 1. Sales Contact: Jayson.Li@secneo.com or Nicole.Ban@secneo.com Dedicate to Mobile APP Security By Jayson Li 2014-11-25 www.secneo.com
  • 2. About BANGCLE By Oct. 2014: 240,000 Android Apps 30,000 Mobile Developers 300,000,000 Smartphones 2010-5 series A round from IDG 2014-5 series C round from SIG  Certified Mobile Firewall Product Vendor in China  IEEE ICSG member  Member of ANVA  Certified Android App Security Vendor in China 2013-4 series B round from IDG、Redpoint
  • 3. 【Running Env. Security】 VMware 【App Security】 BANGCLE 【Device Security】 Symantec, MacAfee, Kaspersky
  • 4. Change paid to free App Malicious App payment creation Virus injection Remove/bypass security setting App Repack Plugin illegal Ads Remove Ads Illegal App localization
  • 5. Evaluation AppShield App Release App Monitor App Management Statistic/BI Before releasing security evaluation and shielding APP Distribution Management Programming Security Source Code Protection Fishing App Monitoring App Management •Data collection •Environment monitor •Security Early Warning •Message Pushing Penetration Report Code Auditing Report App Distribution Report Competitor Report Piracy Monitoring App Monitor/Early warning Assist to upload to download sites Pirated/fishing App Removing Data Security Environment Security Business Security Storage Protection Data Protection Protocol Protection Environment Monitoring
  • 6. Source Code Audit (White-box) App Penetration Service (Black-Box)
  • 7.  Symmetric Encryption  White-box cryptography + AES technology  USA federal government standard  IBM, Arxan, InterTrust etc
  • 8. Hack Technology Current Solution on Android Platform Bangcle Defend Best Practices on Android Reverse Engineering  Code obfuscation  Code Encryption Anti Reverse Engineering  App Integrity Check Anti tampering Debugging N/A  Anti-Debugging Low level trap detection Memory monitoring and detection  Self Protection Reactivate when App is compromised Illegal Data Copy  Encrypt key can be easy found by disassemble Apk  Transparent Strong Encryption Combined with code encryption Encrypt key secured by white-box technology  Bind IMEI with Encrypt key Prevent data file being copied out
  • 9.
  • 10. Mobile App Game Developers Black-Box Mobile Banking App Developers Cloud USA 5 – 10 Minutes No code change needed Upload App Cloud Shielding (5-10 minutes) Download App Sign Apps -> Test -> Release
  • 11. V0.5 Code Obfuscation VS. JAVA Class Loader Competitors VS. JAVA VM VS. CPU VIM SO Protection Local Data Protection Unity Script Protection VS. BANGCLE
  • 12. Crawlers Data Analysis Data Storage App Similarity Analysis Engine Report Generator APK 310 Download site Information App Distribution Monitor Report Web
  • 13. Secured Soft Keyboard SDK Anti-Game Cheats SDK
  • 14.
  • 15.
  • 16. Question 1 : What are AppShield impact to App performance and compatibility? Answer: Result from over 30,000 App and 150 different smartphones in China, USA, EU, Japan, Korea, HK, TW  Apk size increased 800k - 2000k depend on App and security levels  CPU usage increase 2% ~ 8%  Memory usage increase 4% ~ 10%  APP start up time increase 0.1s ~ 0.9s  No compatibility issue for majority brand cellphones  Support ARM, x86
  • 17. Question 2 : How long it will take us to shield an App? Answer: Within 15 minutes. However, normal processing time is less than 10 minutes include virus scan service Question 3 : Can you secure Apk SO, log, audio and other resource files ? Answer: Yes. We can manually encrypt them Question 4: How can we try it? Answer: Yes. You can try a non commercial version Appshield in www.secneo.com or send your request to Jayson.li@secneo.com for a banking grade security product and service.
  • 18.  You spend millions on App security but still got hacked  Your App has many users but few paying  You spend more money on security issue than paying third party professionals  Your developers spend more time on security than writing codes  Your QA spending over 15% testing time on App security  You have to give up a million-dollars game design because of game security control problem  When you choose game engines, security is the top concern  Your developers think they can defeat Hackers
  • 19. THANK YOU Sales Contact: Jayson.Li@secneo.com or Nicole.Ban@secneo.com www.secneo.com