SlideShare a Scribd company logo

Introduction to Secure Coding Checker

Yoshinori Iwano
Yoshinori Iwano

The document introduces Secure Coding Checker, a tool developed by Sony Digital Network Applications that identifies vulnerabilities in Android apps. It scans APK files to detect issues within minutes and provides guidance to help developers quickly fix problems. The tool analyzes apps and visually displays any vulnerabilities found. It suggests fixes and links to sample code. Secure Coding Checker helps development teams test apps and minimize pre-release bugs by allowing multiple scans. It is currently used by over 100 listed companies in Japan.

Technology
1 of 14
Download to read offline
Introduction to Secure Coding Checker A diagnostic tool for identifying vulnerabilities in Android apps Yoshinori.Iwano@sony.com Copyright 2016 Sony Digital Network Applications, Inc.
Copyright 2016 Sony Digital Network Applications, Inc.2 My Profile Sony Digital Network Applications, Inc. (SDNA) Marketing Producer Yoshinori Iwano Planning of the smartphone app and marketing. Achieving a million DL and Photo category No.1 in the some countries. Then launch the sale of a new business Secure Coding Checker from the initial. Sold to around 100 listed companies in Japan. Now, responsible for US sales & marketing too.
Introduction to Secure Coding Checker Copyright 2016 Sony Digital Network Applications, Inc.3
Copyright 2016 Sony Digital Network Applications, Inc. What is Secure Coding Checker? 4 A web-based vulnerabilities assessment tool for Android applications. Most popular assessment tool in Japan
Copyright 2016 Sony Digital Network Applications, Inc. Key features of Secure Coding Checker 5  Developers need only upload your Apk file.  Results within a minute and unlimited scan  Use the easy guidance to quickly fix the problems in your code.
Copyright 2016 Sony Digital Network Applications, Inc. Visualizing the effects of security provisions 6 Apps are automatically analyzed, and their vulnerabilities are displayed in a graphical format.
Copyright 2016 Sony Digital Network Applications, Inc. Full coverage from identification to correction of vulnerabilities 7 The tool suggests methods for fixing the vulnerabilities it detects The guidebook contains commercially-usable sample code that may be copied and pasted to fix vulnerabilities Guidebook Jump directly to the section of the guidebook that discusses the security issue in question
Copyright 2016 Sony Digital Network Applications, Inc. Diagnostic criteria taken from the Android Secure Design / Secure Coding Guidebook The Android Secure Design / Secure Coding Guidebook, Defect Standard for Android developer in Japan 8 June 2012 November 2012 April 2013 July 2014 June 2015 February 2016 Updated one to two times annually
Copyright 2016 Sony Digital Network Applications, Inc. Evidence exporting functionality 9 Test results may be exported to Excel. The resulting spreadsheet may be used as evidence that an application was developed in compliance with the JSSEC secure coding guidebook Export
Copyright 2016 Sony Digital Network Applications, Inc. Customer Benefit 10  Allows for tests to be conducted multiple times though out the development process.  So that pre-release trouble can be minimized  Helps developers find security issues in their code as early as possible  And gives the management team the ability to visualize and keep track of current security activities and trends
Copyright 2016 Sony Digital Network Applications, Inc. Our Costumers 11 around 100 listed companies Mobile operation companies Major game companies Electronic companies And variety of industries companies.
Copyright 2016 Sony Digital Network Applications, Inc. Free trial 12 Now offering free 4-week trials https://freetrial.scc.sonydna.com/account/subscribe Seeking for business partners !! Yoshinori.Iwano@sony.com
Copyright 2016 Sony Digital Network Applications, Inc. How to contact us 13 Product website: http://www.sonydna.com/sdna/e/solution/scc.html Android Security Report http://www.sonydna.com/sdna/e/solution/AndroidSecutiryReport_en_160 325Link.pdf Secure Coding Guide www.jssec.org/dl/android_securecoding_en.pdf Sony Digital Network Applications, Inc. Secure Coding Checker Department sdna-security-sales@jp.sony.com
Sony is a trademark of Sony corporation. Other Sony product or service names are trademarks or registered trademarks of Sony Corporation or each Sony group company. All other trademarks or registered trademarks are the property of their respective owners. Sony Digital Network Applications, Inc. 21-28 Higashigotanda 2-chome, Shinagawa-ku, Tokyo, 141-0022 Japan TEL:+81-50-3750-1897 Copyright 2016 Sony Digital Network Applications, Inc.14

Recommended

Android Application Development China - ITOutsourcingChina
Android Application Development China - ITOutsourcingChinaAndroid Application Development China - ITOutsourcingChina
Android Application Development China - ITOutsourcingChina
IT Outsourcing China
 
Android workshop sn tech solutions
Android workshop sn tech solutionsAndroid workshop sn tech solutions
Android workshop sn tech solutions
SN Tech Solutions
 
Iphone application development trends for 2016
Iphone application development trends for 2016 Iphone application development trends for 2016
Iphone application development trends for 2016
Jeet7Banerjee
 
Everything You Need to Know About Testing Foldable Phones
Everything You Need to Know About Testing Foldable PhonesEverything You Need to Know About Testing Foldable Phones
Everything You Need to Know About Testing Foldable Phones
Perfecto by Perforce
 
Mobile application
Mobile applicationMobile application
Mobile application
Sonia Madan
 
Mobile apps developers oregon
Mobile apps developers oregonMobile apps developers oregon
Mobile apps developers oregon
iapp Techologies LLP
 
Appknox Enterprise Offerings
Appknox Enterprise OfferingsAppknox Enterprise Offerings
Appknox Enterprise Offerings
Appknox
 
Synopsis minor project
Synopsis minor projectSynopsis minor project
Synopsis minor project
Nidhi Chauhan
 

Recommended

Android Application Development China - ITOutsourcingChina
Android Application Development China - ITOutsourcingChinaAndroid Application Development China - ITOutsourcingChina
Android Application Development China - ITOutsourcingChina
IT Outsourcing China
 
Android workshop sn tech solutions
Android workshop sn tech solutionsAndroid workshop sn tech solutions
Android workshop sn tech solutions
SN Tech Solutions
 
Iphone application development trends for 2016
Iphone application development trends for 2016 Iphone application development trends for 2016
Iphone application development trends for 2016
Jeet7Banerjee
 
Everything You Need to Know About Testing Foldable Phones
Everything You Need to Know About Testing Foldable PhonesEverything You Need to Know About Testing Foldable Phones
Everything You Need to Know About Testing Foldable Phones
Perfecto by Perforce
 
Mobile application
Mobile applicationMobile application
Mobile application
Sonia Madan
 
Mobile apps developers oregon
Mobile apps developers oregonMobile apps developers oregon
Mobile apps developers oregon
iapp Techologies LLP
 
Appknox Enterprise Offerings
Appknox Enterprise OfferingsAppknox Enterprise Offerings
Appknox Enterprise Offerings
Appknox
 
Synopsis minor project
Synopsis minor projectSynopsis minor project
Synopsis minor project
Nidhi Chauhan
 
Mobile Test Coverage- Israel 4th meetup
Mobile Test Coverage- Israel 4th meetupMobile Test Coverage- Israel 4th meetup
Mobile Test Coverage- Israel 4th meetup
Perfecto Mobile
 
Continuous Quality For a 5 Star Mobile Apps Delivery
Continuous Quality For a 5 Star Mobile Apps DeliveryContinuous Quality For a 5 Star Mobile Apps Delivery
Continuous Quality For a 5 Star Mobile Apps Delivery
Perfecto Mobile
 
Apps development company new york
Apps development company new yorkApps development company new york
Apps development company new york
iapp Techologies LLP
 
Clear-Cut Advice In ios games For 2012
Clear-Cut Advice In ios games For 2012Clear-Cut Advice In ios games For 2012
Clear-Cut Advice In ios games For 2012
lowlysynagogue957
 
Android app bangalore.
Android app bangalore.Android app bangalore.
Android app bangalore.
brillmindztech brillmindztech
 
Virgin Media's Mobile Quality Transformation
Virgin Media's Mobile Quality TransformationVirgin Media's Mobile Quality Transformation
Virgin Media's Mobile Quality Transformation
Perfecto by Perforce
 
Comparison between-ios-and-android
Comparison between-ios-and-androidComparison between-ios-and-android
Comparison between-ios-and-android
Codiant
 
Applications of useful andriod apps
Applications of useful andriod appsApplications of useful andriod apps
Applications of useful andriod apps
13201247
 
Mobile App Quality Roadmap for DevTest Teams
Mobile App Quality Roadmap for DevTest TeamsMobile App Quality Roadmap for DevTest Teams
Mobile App Quality Roadmap for DevTest Teams
Perfecto by Perforce
 
Ios app development company in kuwait
Ios app development company in kuwaitIos app development company in kuwait
Ios app development company in kuwait
kuwaitbrillmindz
 
Which mobile os should you choose while building
Which mobile os should you choose while buildingWhich mobile os should you choose while building
Which mobile os should you choose while building
ArpitGautam20
 
Mobile Programming LLC sample Case Studies
Mobile Programming LLC sample Case StudiesMobile Programming LLC sample Case Studies
Mobile Programming LLC sample Case Studies
Mobile Programming LLC
 
Are You Ready for iOS 8?
Are You Ready for iOS 8?Are You Ready for iOS 8?
Are You Ready for iOS 8?
Keynote Mobile Testing
 
History of mobile apps
History of mobile appsHistory of mobile apps
History of mobile apps
THINK IT Training
 
iOS 15 Is Upon Us: What New Can Apple Lovers Expect in iOS 15 Features?
iOS 15 Is Upon Us: What New Can Apple Lovers Expect in iOS 15 Features?iOS 15 Is Upon Us: What New Can Apple Lovers Expect in iOS 15 Features?
iOS 15 Is Upon Us: What New Can Apple Lovers Expect in iOS 15 Features?
Pixel Crayons
 
Mobile phone trends, user data & developer climate - frontend.fi, Helsinki
Mobile phone trends, user data & developer climate - frontend.fi, HelsinkiMobile phone trends, user data & developer climate - frontend.fi, Helsinki
Mobile phone trends, user data & developer climate - frontend.fi, Helsinki
Robert Nyman
 
History of mobile apps
History of mobile apps History of mobile apps
History of mobile apps
Swathi Young
 
Juc oct 2014 final
Juc oct 2014 finalJuc oct 2014 final
Juc oct 2014 final
Perfecto Mobile
 
Vulnerable Hunter
Vulnerable HunterVulnerable Hunter
Vulnerable Hunter
IJERA Editor
 
Why Mobile and Web Testing MUST Move to the Cloud
Why Mobile and Web Testing MUST Move to the CloudWhy Mobile and Web Testing MUST Move to the Cloud
Why Mobile and Web Testing MUST Move to the Cloud
Perfecto by Perforce
 
Post exploitation techniques on OSX and Iphone, EuSecWest 2009
Post exploitation techniques on OSX and Iphone, EuSecWest 2009Post exploitation techniques on OSX and Iphone, EuSecWest 2009
Post exploitation techniques on OSX and Iphone, EuSecWest 2009
Vincenzo Iozzo
 
Cyber Operation Planning and Operational Design_Yayımlandı
Cyber Operation Planning and Operational Design_YayımlandıCyber Operation Planning and Operational Design_Yayımlandı
Cyber Operation Planning and Operational Design_Yayımlandı
Government
 

More Related Content

What's hot

Mobile Test Coverage- Israel 4th meetup
Mobile Test Coverage- Israel 4th meetupMobile Test Coverage- Israel 4th meetup
Mobile Test Coverage- Israel 4th meetup
Perfecto Mobile
 
Continuous Quality For a 5 Star Mobile Apps Delivery
Continuous Quality For a 5 Star Mobile Apps DeliveryContinuous Quality For a 5 Star Mobile Apps Delivery
Continuous Quality For a 5 Star Mobile Apps Delivery
Perfecto Mobile
 
Apps development company new york
Apps development company new yorkApps development company new york
Apps development company new york
iapp Techologies LLP
 
Clear-Cut Advice In ios games For 2012
Clear-Cut Advice In ios games For 2012Clear-Cut Advice In ios games For 2012
Clear-Cut Advice In ios games For 2012
lowlysynagogue957
 
Android app bangalore.
Android app bangalore.Android app bangalore.
Android app bangalore.
brillmindztech brillmindztech
 
Virgin Media's Mobile Quality Transformation
Virgin Media's Mobile Quality TransformationVirgin Media's Mobile Quality Transformation
Virgin Media's Mobile Quality Transformation
Perfecto by Perforce
 
Comparison between-ios-and-android
Comparison between-ios-and-androidComparison between-ios-and-android
Comparison between-ios-and-android
Codiant
 
Applications of useful andriod apps
Applications of useful andriod appsApplications of useful andriod apps
Applications of useful andriod apps
13201247
 
Mobile App Quality Roadmap for DevTest Teams
Mobile App Quality Roadmap for DevTest TeamsMobile App Quality Roadmap for DevTest Teams
Mobile App Quality Roadmap for DevTest Teams
Perfecto by Perforce
 
Ios app development company in kuwait
Ios app development company in kuwaitIos app development company in kuwait
Ios app development company in kuwait
kuwaitbrillmindz
 
Which mobile os should you choose while building
Which mobile os should you choose while buildingWhich mobile os should you choose while building
Which mobile os should you choose while building
ArpitGautam20
 
Mobile Programming LLC sample Case Studies
Mobile Programming LLC sample Case StudiesMobile Programming LLC sample Case Studies
Mobile Programming LLC sample Case Studies
Mobile Programming LLC
 
Are You Ready for iOS 8?
Are You Ready for iOS 8?Are You Ready for iOS 8?
Are You Ready for iOS 8?
Keynote Mobile Testing
 
History of mobile apps
History of mobile appsHistory of mobile apps
History of mobile apps
THINK IT Training
 
iOS 15 Is Upon Us: What New Can Apple Lovers Expect in iOS 15 Features?
iOS 15 Is Upon Us: What New Can Apple Lovers Expect in iOS 15 Features?iOS 15 Is Upon Us: What New Can Apple Lovers Expect in iOS 15 Features?
iOS 15 Is Upon Us: What New Can Apple Lovers Expect in iOS 15 Features?
Pixel Crayons
 
Mobile phone trends, user data & developer climate - frontend.fi, Helsinki
Mobile phone trends, user data & developer climate - frontend.fi, HelsinkiMobile phone trends, user data & developer climate - frontend.fi, Helsinki
Mobile phone trends, user data & developer climate - frontend.fi, Helsinki
Robert Nyman
 
History of mobile apps
History of mobile apps History of mobile apps
History of mobile apps
Swathi Young
 
Juc oct 2014 final
Juc oct 2014 finalJuc oct 2014 final
Juc oct 2014 final
Perfecto Mobile
 
Vulnerable Hunter
Vulnerable HunterVulnerable Hunter
Vulnerable Hunter
IJERA Editor
 
Why Mobile and Web Testing MUST Move to the Cloud
Why Mobile and Web Testing MUST Move to the CloudWhy Mobile and Web Testing MUST Move to the Cloud
Why Mobile and Web Testing MUST Move to the Cloud
Perfecto by Perforce
 

What's hot (20)

Mobile Test Coverage- Israel 4th meetup
Mobile Test Coverage- Israel 4th meetupMobile Test Coverage- Israel 4th meetup
Mobile Test Coverage- Israel 4th meetup
 
Continuous Quality For a 5 Star Mobile Apps Delivery
Continuous Quality For a 5 Star Mobile Apps DeliveryContinuous Quality For a 5 Star Mobile Apps Delivery
Continuous Quality For a 5 Star Mobile Apps Delivery
 
Apps development company new york
Apps development company new yorkApps development company new york
Apps development company new york
 
Clear-Cut Advice In ios games For 2012
Clear-Cut Advice In ios games For 2012Clear-Cut Advice In ios games For 2012
Clear-Cut Advice In ios games For 2012
 
Android app bangalore.
Android app bangalore.Android app bangalore.
Android app bangalore.
 
Virgin Media's Mobile Quality Transformation
Virgin Media's Mobile Quality TransformationVirgin Media's Mobile Quality Transformation
Virgin Media's Mobile Quality Transformation
 
Comparison between-ios-and-android
Comparison between-ios-and-androidComparison between-ios-and-android
Comparison between-ios-and-android
 
Applications of useful andriod apps
Applications of useful andriod appsApplications of useful andriod apps
Applications of useful andriod apps
 
Mobile App Quality Roadmap for DevTest Teams
Mobile App Quality Roadmap for DevTest TeamsMobile App Quality Roadmap for DevTest Teams
Mobile App Quality Roadmap for DevTest Teams
 
Ios app development company in kuwait
Ios app development company in kuwaitIos app development company in kuwait
Ios app development company in kuwait
 
Which mobile os should you choose while building
Which mobile os should you choose while buildingWhich mobile os should you choose while building
Which mobile os should you choose while building
 
Mobile Programming LLC sample Case Studies
Mobile Programming LLC sample Case StudiesMobile Programming LLC sample Case Studies
Mobile Programming LLC sample Case Studies
 
Are You Ready for iOS 8?
Are You Ready for iOS 8?Are You Ready for iOS 8?
Are You Ready for iOS 8?
 
History of mobile apps
History of mobile appsHistory of mobile apps
History of mobile apps
 
iOS 15 Is Upon Us: What New Can Apple Lovers Expect in iOS 15 Features?
iOS 15 Is Upon Us: What New Can Apple Lovers Expect in iOS 15 Features?iOS 15 Is Upon Us: What New Can Apple Lovers Expect in iOS 15 Features?
iOS 15 Is Upon Us: What New Can Apple Lovers Expect in iOS 15 Features?
 
Mobile phone trends, user data & developer climate - frontend.fi, Helsinki
Mobile phone trends, user data & developer climate - frontend.fi, HelsinkiMobile phone trends, user data & developer climate - frontend.fi, Helsinki
Mobile phone trends, user data & developer climate - frontend.fi, Helsinki
 
History of mobile apps
History of mobile apps History of mobile apps
History of mobile apps
 
Juc oct 2014 final
Juc oct 2014 finalJuc oct 2014 final
Juc oct 2014 final
 
Vulnerable Hunter
Vulnerable HunterVulnerable Hunter
Vulnerable Hunter
 
Why Mobile and Web Testing MUST Move to the Cloud
Why Mobile and Web Testing MUST Move to the CloudWhy Mobile and Web Testing MUST Move to the Cloud
Why Mobile and Web Testing MUST Move to the Cloud
 

Viewers also liked

Post exploitation techniques on OSX and Iphone, EuSecWest 2009
Post exploitation techniques on OSX and Iphone, EuSecWest 2009Post exploitation techniques on OSX and Iphone, EuSecWest 2009
Post exploitation techniques on OSX and Iphone, EuSecWest 2009
Vincenzo Iozzo
 
Cyber Operation Planning and Operational Design_Yayımlandı
Cyber Operation Planning and Operational Design_YayımlandıCyber Operation Planning and Operational Design_Yayımlandı
Cyber Operation Planning and Operational Design_Yayımlandı
Government
 
Advanced Networking Concepts Applied Using Linux on IBM System z
Advanced Networking Concepts Applied Using Linux on IBM System zAdvanced Networking Concepts Applied Using Linux on IBM System z
Advanced Networking Concepts Applied Using Linux on IBM System z
IBM India Smarter Computing
 
Network Monitoring in the age of the Cloud
Network Monitoring in the age of the CloudNetwork Monitoring in the age of the Cloud
Network Monitoring in the age of the Cloud
Augusto Ciuffoletti
 
Let's Build an Unpacker (Unpackers 101)
Let's Build an Unpacker (Unpackers 101)Let's Build an Unpacker (Unpackers 101)
Let's Build an Unpacker (Unpackers 101)Mario Suvajac
 
Analysis of (unknown) file formats
Analysis of (unknown) file formatsAnalysis of (unknown) file formats
Analysis of (unknown) file formats
Mario Suvajac
 
Stochastic Scheduling Algorithm for Distributed Cloud Networks using Heuristi...
Stochastic Scheduling Algorithm for Distributed Cloud Networks using Heuristi...Stochastic Scheduling Algorithm for Distributed Cloud Networks using Heuristi...
Stochastic Scheduling Algorithm for Distributed Cloud Networks using Heuristi...
Eswar Publications
 
Resiliency-Part One -11-3-2015
Resiliency-Part One -11-3-2015Resiliency-Part One -11-3-2015
Resiliency-Part One -11-3-2015
Dr Robert D. Childs
 
Step On In, The Water's Fine! - An Introduction To Security Testing Within A ...
Step On In, The Water's Fine! - An Introduction To Security Testing Within A ...Step On In, The Water's Fine! - An Introduction To Security Testing Within A ...
Step On In, The Water's Fine! - An Introduction To Security Testing Within A ...
Tom Moore
 
Advanced Computer Networking
Advanced Computer NetworkingAdvanced Computer Networking
Advanced Computer NetworkingTony Vowels
 
Epoch Universal Professional Services: Penetration Test
Epoch Universal Professional Services: Penetration TestEpoch Universal Professional Services: Penetration Test
Epoch Universal Professional Services: Penetration Test
Epoch Universal, Inc.
 
Opportunities for CSOs in TOR Review and Amendment
Opportunities for CSOs in TOR Review and AmendmentOpportunities for CSOs in TOR Review and Amendment
Opportunities for CSOs in TOR Review and Amendment
Yuyun Wahyuningrum
 
Advanced Networking
Advanced NetworkingAdvanced Networking
Advanced Networking
Pratima Parida
 
From Russia with Love - modern tools used in Cyber Attacks
From Russia with Love - modern tools used in Cyber AttacksFrom Russia with Love - modern tools used in Cyber Attacks
From Russia with Love - modern tools used in Cyber Attacks
Thomas Burg
 
Tor projet
Tor projetTor projet
Tor projet
JP TQ
 
On Edge Control Set of a Graph in Transportation Problems
On Edge Control Set of a Graph in Transportation ProblemsOn Edge Control Set of a Graph in Transportation Problems
On Edge Control Set of a Graph in Transportation Problems
Eswar Publications
 
Base64 Encoding
Base64 EncodingBase64 Encoding
Base64 Encoding
Jonathan Francis Roscoe
 
deftcon 2015 - Epifani, Picasso, Scarito, Meda - Tor Browser forensics on Win...
deftcon 2015 - Epifani, Picasso, Scarito, Meda - Tor Browser forensics on Win...deftcon 2015 - Epifani, Picasso, Scarito, Meda - Tor Browser forensics on Win...
deftcon 2015 - Epifani, Picasso, Scarito, Meda - Tor Browser forensics on Win...
Deft Association
 
Design and operation of secure cyber physical systems
Design and operation of secure cyber physical systemsDesign and operation of secure cyber physical systems
Design and operation of secure cyber physical systems
I3E Technologies
 
High Scalability Network Monitoring for Communications Service Providers
High Scalability Network Monitoring for Communications Service ProvidersHigh Scalability Network Monitoring for Communications Service Providers
High Scalability Network Monitoring for Communications Service Providers
CA Technologies
 

Viewers also liked (20)

Post exploitation techniques on OSX and Iphone, EuSecWest 2009
Post exploitation techniques on OSX and Iphone, EuSecWest 2009Post exploitation techniques on OSX and Iphone, EuSecWest 2009
Post exploitation techniques on OSX and Iphone, EuSecWest 2009
 
Cyber Operation Planning and Operational Design_Yayımlandı
Cyber Operation Planning and Operational Design_YayımlandıCyber Operation Planning and Operational Design_Yayımlandı
Cyber Operation Planning and Operational Design_Yayımlandı
 
Advanced Networking Concepts Applied Using Linux on IBM System z
Advanced Networking Concepts Applied Using Linux on IBM System zAdvanced Networking Concepts Applied Using Linux on IBM System z
Advanced Networking Concepts Applied Using Linux on IBM System z
 
Network Monitoring in the age of the Cloud
Network Monitoring in the age of the CloudNetwork Monitoring in the age of the Cloud
Network Monitoring in the age of the Cloud
 
Let's Build an Unpacker (Unpackers 101)
Let's Build an Unpacker (Unpackers 101)Let's Build an Unpacker (Unpackers 101)
Let's Build an Unpacker (Unpackers 101)
 
Analysis of (unknown) file formats
Analysis of (unknown) file formatsAnalysis of (unknown) file formats
Analysis of (unknown) file formats
 
Stochastic Scheduling Algorithm for Distributed Cloud Networks using Heuristi...
Stochastic Scheduling Algorithm for Distributed Cloud Networks using Heuristi...Stochastic Scheduling Algorithm for Distributed Cloud Networks using Heuristi...
Stochastic Scheduling Algorithm for Distributed Cloud Networks using Heuristi...
 
Resiliency-Part One -11-3-2015
Resiliency-Part One -11-3-2015Resiliency-Part One -11-3-2015
Resiliency-Part One -11-3-2015
 
Step On In, The Water's Fine! - An Introduction To Security Testing Within A ...
Step On In, The Water's Fine! - An Introduction To Security Testing Within A ...Step On In, The Water's Fine! - An Introduction To Security Testing Within A ...
Step On In, The Water's Fine! - An Introduction To Security Testing Within A ...
 
Advanced Computer Networking
Advanced Computer NetworkingAdvanced Computer Networking
Advanced Computer Networking
 
Epoch Universal Professional Services: Penetration Test
Epoch Universal Professional Services: Penetration TestEpoch Universal Professional Services: Penetration Test
Epoch Universal Professional Services: Penetration Test
 
Opportunities for CSOs in TOR Review and Amendment
Opportunities for CSOs in TOR Review and AmendmentOpportunities for CSOs in TOR Review and Amendment
Opportunities for CSOs in TOR Review and Amendment
 
Advanced Networking
Advanced NetworkingAdvanced Networking
Advanced Networking
 
From Russia with Love - modern tools used in Cyber Attacks
From Russia with Love - modern tools used in Cyber AttacksFrom Russia with Love - modern tools used in Cyber Attacks
From Russia with Love - modern tools used in Cyber Attacks
 
Tor projet
Tor projetTor projet
Tor projet
 
On Edge Control Set of a Graph in Transportation Problems
On Edge Control Set of a Graph in Transportation ProblemsOn Edge Control Set of a Graph in Transportation Problems
On Edge Control Set of a Graph in Transportation Problems
 
Base64 Encoding
Base64 EncodingBase64 Encoding
Base64 Encoding
 
deftcon 2015 - Epifani, Picasso, Scarito, Meda - Tor Browser forensics on Win...
deftcon 2015 - Epifani, Picasso, Scarito, Meda - Tor Browser forensics on Win...deftcon 2015 - Epifani, Picasso, Scarito, Meda - Tor Browser forensics on Win...
deftcon 2015 - Epifani, Picasso, Scarito, Meda - Tor Browser forensics on Win...
 
Design and operation of secure cyber physical systems
Design and operation of secure cyber physical systemsDesign and operation of secure cyber physical systems
Design and operation of secure cyber physical systems
 
High Scalability Network Monitoring for Communications Service Providers
High Scalability Network Monitoring for Communications Service ProvidersHigh Scalability Network Monitoring for Communications Service Providers
High Scalability Network Monitoring for Communications Service Providers
 

Similar to Introduction to Secure Coding Checker

Tackling Enterprise App Development with Ionic
Tackling Enterprise App Development with IonicTackling Enterprise App Development with Ionic
Tackling Enterprise App Development with Ionic
JoshuaWalovitch
 
Android App Development - Factors to be Considered Before Outsourcing
Android App Development - Factors to be Considered Before OutsourcingAndroid App Development - Factors to be Considered Before Outsourcing
Android App Development - Factors to be Considered Before Outsourcing
Sara Suarez
 
10 important points of android app development to keep in mind
10 important points of android app development to keep in mind10 important points of android app development to keep in mind
10 important points of android app development to keep in mind
Moon Technolabs Pvt. Ltd.
 
Android App Security Solution
Android App Security SolutionAndroid App Security Solution
Android App Security Solution
Jay Li
 
MOBILE APPLICATIONS DEVELOPMENT AND SERVICES.pptx
MOBILE APPLICATIONS DEVELOPMENT AND SERVICES.pptxMOBILE APPLICATIONS DEVELOPMENT AND SERVICES.pptx
MOBILE APPLICATIONS DEVELOPMENT AND SERVICES.pptx
muthulakshmi cse
 
Top 12 Reasons You Should Invest in Android App Development.pptx
Top 12 Reasons You Should Invest in Android App Development.pptxTop 12 Reasons You Should Invest in Android App Development.pptx
Top 12 Reasons You Should Invest in Android App Development.pptx
Bytes Technolab Inc.
 
Ios app development company in india
Ios app development company in indiaIos app development company in india
Ios app development company in india
Brill Mindz Technologies Pvt Ltd
 
Custom software-development-company
Custom software-development-companyCustom software-development-company
Custom software-development-company
Echo Innovate IT
 
Mse july13 (1/3)
Mse july13 (1/3)Mse july13 (1/3)
Mse july13 (1/3)
IIITA
 
Certificate Examination Developement Application for Smartphone english ver1.0
Certificate Examination Developement Application for Smartphone english ver1.0Certificate Examination Developement Application for Smartphone english ver1.0
Certificate Examination Developement Application for Smartphone english ver1.0
河上 純二
 
Blog Examples
Blog ExamplesBlog Examples
Blog Examples
joegregory5
 
Android app design and development company
Android app design and development companyAndroid app design and development company
Android app design and development company
Brill Mindz Technologies Pvt Ltd
 
Steps For Building A Successful App For Your Business.pptx
Steps For Building A Successful App For Your Business.pptxSteps For Building A Successful App For Your Business.pptx
Steps For Building A Successful App For Your Business.pptx
Concetto Labs
 
best Mobile App Development Companies in Bangalore.pdf
best Mobile App Development Companies in Bangalore.pdfbest Mobile App Development Companies in Bangalore.pdf
best Mobile App Development Companies in Bangalore.pdf
IndGlobal Digital Private Limited
 
How do you hire a skilled Android developer for your project_.pdf
How do you hire a skilled Android developer for your project_.pdfHow do you hire a skilled Android developer for your project_.pdf
How do you hire a skilled Android developer for your project_.pdf
BOSC Tech Labs
 
Android Documentation
Android DocumentationAndroid Documentation
Android Documentation
Raj Dubey
 
Avtest 2012 02-android_anti-malware_report_english
Avtest 2012 02-android_anti-malware_report_englishAvtest 2012 02-android_anti-malware_report_english
Avtest 2012 02-android_anti-malware_report_english
Daniel zhao
 
Avtest 2012 02-android_anti-malware_report_english
Avtest 2012 02-android_anti-malware_report_englishAvtest 2012 02-android_anti-malware_report_english
Avtest 2012 02-android_anti-malware_report_english
Комсс Файквэе
 
Avtest 2012 02-android_anti-malware_report_english
Avtest 2012 02-android_anti-malware_report_englishAvtest 2012 02-android_anti-malware_report_english
Avtest 2012 02-android_anti-malware_report_english
Комсс Файквэе
 
Mobile App Development Tools For Building Apps
Mobile App Development Tools For Building AppsMobile App Development Tools For Building Apps
Mobile App Development Tools For Building Apps
XongoLab Technologies LLP
 

Similar to Introduction to Secure Coding Checker (20)

Tackling Enterprise App Development with Ionic
Tackling Enterprise App Development with IonicTackling Enterprise App Development with Ionic
Tackling Enterprise App Development with Ionic
 
Android App Development - Factors to be Considered Before Outsourcing
Android App Development - Factors to be Considered Before OutsourcingAndroid App Development - Factors to be Considered Before Outsourcing
Android App Development - Factors to be Considered Before Outsourcing
 
10 important points of android app development to keep in mind
10 important points of android app development to keep in mind10 important points of android app development to keep in mind
10 important points of android app development to keep in mind
 
Android App Security Solution
Android App Security SolutionAndroid App Security Solution
Android App Security Solution
 
MOBILE APPLICATIONS DEVELOPMENT AND SERVICES.pptx
MOBILE APPLICATIONS DEVELOPMENT AND SERVICES.pptxMOBILE APPLICATIONS DEVELOPMENT AND SERVICES.pptx
MOBILE APPLICATIONS DEVELOPMENT AND SERVICES.pptx
 
Top 12 Reasons You Should Invest in Android App Development.pptx
Top 12 Reasons You Should Invest in Android App Development.pptxTop 12 Reasons You Should Invest in Android App Development.pptx
Top 12 Reasons You Should Invest in Android App Development.pptx
 
Ios app development company in india
Ios app development company in indiaIos app development company in india
Ios app development company in india
 
Custom software-development-company
Custom software-development-companyCustom software-development-company
Custom software-development-company
 
Mse july13 (1/3)
Mse july13 (1/3)Mse july13 (1/3)
Mse july13 (1/3)
 
Certificate Examination Developement Application for Smartphone english ver1.0
Certificate Examination Developement Application for Smartphone english ver1.0Certificate Examination Developement Application for Smartphone english ver1.0
Certificate Examination Developement Application for Smartphone english ver1.0
 
Blog Examples
Blog ExamplesBlog Examples
Blog Examples
 
Android app design and development company
Android app design and development companyAndroid app design and development company
Android app design and development company
 
Steps For Building A Successful App For Your Business.pptx
Steps For Building A Successful App For Your Business.pptxSteps For Building A Successful App For Your Business.pptx
Steps For Building A Successful App For Your Business.pptx
 
best Mobile App Development Companies in Bangalore.pdf
best Mobile App Development Companies in Bangalore.pdfbest Mobile App Development Companies in Bangalore.pdf
best Mobile App Development Companies in Bangalore.pdf
 
How do you hire a skilled Android developer for your project_.pdf
How do you hire a skilled Android developer for your project_.pdfHow do you hire a skilled Android developer for your project_.pdf
How do you hire a skilled Android developer for your project_.pdf
 
Android Documentation
Android DocumentationAndroid Documentation
Android Documentation
 
Avtest 2012 02-android_anti-malware_report_english
Avtest 2012 02-android_anti-malware_report_englishAvtest 2012 02-android_anti-malware_report_english
Avtest 2012 02-android_anti-malware_report_english
 
Avtest 2012 02-android_anti-malware_report_english
Avtest 2012 02-android_anti-malware_report_englishAvtest 2012 02-android_anti-malware_report_english
Avtest 2012 02-android_anti-malware_report_english
 
Avtest 2012 02-android_anti-malware_report_english
Avtest 2012 02-android_anti-malware_report_englishAvtest 2012 02-android_anti-malware_report_english
Avtest 2012 02-android_anti-malware_report_english
 
Mobile App Development Tools For Building Apps
Mobile App Development Tools For Building AppsMobile App Development Tools For Building Apps
Mobile App Development Tools For Building Apps
 

Recently uploaded

Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Speck&Tech
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
Zilliz
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
tolgahangng
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Neo4j
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Neo4j
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
IndexBug
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
Zilliz
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 

Recently uploaded (20)

Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 

Introduction to Secure Coding Checker

  • 1. Introduction to Secure Coding Checker A diagnostic tool for identifying vulnerabilities in Android apps Yoshinori.Iwano@sony.com Copyright 2016 Sony Digital Network Applications, Inc.
  • 2. Copyright 2016 Sony Digital Network Applications, Inc.2 My Profile Sony Digital Network Applications, Inc. (SDNA) Marketing Producer Yoshinori Iwano Planning of the smartphone app and marketing. Achieving a million DL and Photo category No.1 in the some countries. Then launch the sale of a new business Secure Coding Checker from the initial. Sold to around 100 listed companies in Japan. Now, responsible for US sales & marketing too.
  • 3. Introduction to Secure Coding Checker Copyright 2016 Sony Digital Network Applications, Inc.3
  • 4. Copyright 2016 Sony Digital Network Applications, Inc. What is Secure Coding Checker? 4 A web-based vulnerabilities assessment tool for Android applications. Most popular assessment tool in Japan
  • 5. Copyright 2016 Sony Digital Network Applications, Inc. Key features of Secure Coding Checker 5  Developers need only upload your Apk file.  Results within a minute and unlimited scan  Use the easy guidance to quickly fix the problems in your code.
  • 6. Copyright 2016 Sony Digital Network Applications, Inc. Visualizing the effects of security provisions 6 Apps are automatically analyzed, and their vulnerabilities are displayed in a graphical format.
  • 7. Copyright 2016 Sony Digital Network Applications, Inc. Full coverage from identification to correction of vulnerabilities 7 The tool suggests methods for fixing the vulnerabilities it detects The guidebook contains commercially-usable sample code that may be copied and pasted to fix vulnerabilities Guidebook Jump directly to the section of the guidebook that discusses the security issue in question
  • 8. Copyright 2016 Sony Digital Network Applications, Inc. Diagnostic criteria taken from the Android Secure Design / Secure Coding Guidebook The Android Secure Design / Secure Coding Guidebook, Defect Standard for Android developer in Japan 8 June 2012 November 2012 April 2013 July 2014 June 2015 February 2016 Updated one to two times annually
  • 9. Copyright 2016 Sony Digital Network Applications, Inc. Evidence exporting functionality 9 Test results may be exported to Excel. The resulting spreadsheet may be used as evidence that an application was developed in compliance with the JSSEC secure coding guidebook Export
  • 10. Copyright 2016 Sony Digital Network Applications, Inc. Customer Benefit 10  Allows for tests to be conducted multiple times though out the development process.  So that pre-release trouble can be minimized  Helps developers find security issues in their code as early as possible  And gives the management team the ability to visualize and keep track of current security activities and trends
  • 11. Copyright 2016 Sony Digital Network Applications, Inc. Our Costumers 11 around 100 listed companies Mobile operation companies Major game companies Electronic companies And variety of industries companies.
  • 12. Copyright 2016 Sony Digital Network Applications, Inc. Free trial 12 Now offering free 4-week trials https://freetrial.scc.sonydna.com/account/subscribe Seeking for business partners !! Yoshinori.Iwano@sony.com
  • 13. Copyright 2016 Sony Digital Network Applications, Inc. How to contact us 13 Product website: http://www.sonydna.com/sdna/e/solution/scc.html Android Security Report http://www.sonydna.com/sdna/e/solution/AndroidSecutiryReport_en_160 325Link.pdf Secure Coding Guide www.jssec.org/dl/android_securecoding_en.pdf Sony Digital Network Applications, Inc. Secure Coding Checker Department sdna-security-sales@jp.sony.com
  • 14. Sony is a trademark of Sony corporation. Other Sony product or service names are trademarks or registered trademarks of Sony Corporation or each Sony group company. All other trademarks or registered trademarks are the property of their respective owners. Sony Digital Network Applications, Inc. 21-28 Higashigotanda 2-chome, Shinagawa-ku, Tokyo, 141-0022 Japan TEL:+81-50-3750-1897 Copyright 2016 Sony Digital Network Applications, Inc.14