Securing Android Applications

This course explores the Android mobile operating system from the perspective of user, application, and server security; and shows experienced Android developers how to apply best practices to secure their applications.

Goals
  1. Understand the security characteristics of mobile computing, and the Android OS in particular.
  2. Manage application data in a secure fashion.
  3. Apply appropriate safeguards over entry points to applications, including intent filters, bound services, and broadcast receivers.
  4. Use cryptography as appropriate, especially in remote communications.
  5. Manage user credentials, including passwords and issued tokens.
Outline
  1. Mobile OS Security
    1. Vulnerabilities of Mobile Systems
    2. Security Overview of Android
    3. For Comparison: iOS
    4. Analysis and Areas of Concern
    5. Digital Signature of Applications
    6. Rooted Devices
    7. Clickjacking
    8. Best Practices
    9. The OWASP Mobile Top 10
  2. Application Security
    1. Permissions
    2. Custom Permissions
    3. Security Configuration
    4. Storage Models
    5. Internal Storage
    6. USB, Bluetooth, WiFi, and External Media
    7. File System Security
    8. Encrypted File Systems
    9. Injection Vulnerabilities
    10. Inter-Process Communication
    11. Guarding IPC Entrances
    12. Services and Broadcast Receivers
    13. Logging
  3. Remote Connectivity
    1. Remote Connections from Mobile Devices
    2. The INTERNET Permission
    3. HTTP and HTTPS Communication
    4. Keystores and Cryptography
    5. Username/Password Login
    6. Managing Credentials
    7. HMACs
    8. Managing Token Pairs
Class Materials

Each student in our Live Online and our Onsite classes receives a comprehensive set of materials, including course notes and all the class examples.

Class Prerequisites

Experience in the following is required for this Android class:

  • Java programming experience is required;
  • Introductory knowledge of Android programming is required:
  • We recommend intermediate Android programming in advance of this course
Preparing for Class

Training for your Team

Length: 1 Day
  • Private Class for your Team
  • Online or On-location
  • Customizable
  • Expert Instructors

What people say about our training

It was well-paced. The instructor was very knowledgeable and allowed us to really explore the features we were learning about. Hands-on training is the best!
Walter Humfeld
The Boeing Company
Great overview of Apache HTTPD! Perfect for those who are Apache newbies.
Ted Kaczerski
SunGard
My experience with the online class was very detailed and fun. The 3 days went very fast but were informative.
Steven Kelley
ProQuest
An impressive class environment to introduce or clarify SQL Queries. Having an instructor-led program allows for a myriad of questions to be answered immediately, to clarify the documentation, and to provide examples real-time for us.
Dennis Tetreault
Cisco Systems

No cancelation for low enrollment

Certified Microsoft Partner

Registered Education Provider (R.E.P.)

GSA schedule pricing

60,501

Students who have taken Instructor-led Training

11,679

Organizations who trust Webucator for their Instructor-led training needs

100%

Satisfaction guarantee and retake option

8.89

Students rated our Securing Android Applications trainers 8.89 out of 10 based on 1 reviews

Contact Us or call 1-877-932-8228