[Owasp-leaders] Mobile antivirus epic fail and how SeraphimDroid & ZAP can help

• Previous message: [Owasp-leaders] AppSecUSA 2016
• Next message: [Owasp-leaders] https://www.owasp.org/index.php/Credential_stuffing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Zap and Seraphimdroid team

Recently I wrote an article regarding the security of mobile antivirus:
http://techbeacon.com/mobile-antivirus-introduces-vulnerability-how-devops-could-have-stopped-mess

Many OWASP resources and projects are actually mentioned as resources for
proper development lifecycle. Zap among others

I'm conducting a research on automation of apps security testing and one of
the apps I will be testing is Seraphimdroid.

I'll be using ZAP for the testing certain areas of the application and ZEST
scripts.

@Seraphimdroid team: I think , based on the mobile fiasco, if SeraphimDroid
enhances his security testing , patching the issues found, including a Bug
Bounty program, we will have a more secure app than any anti-virus and for
free ;-P

Right now I have a draft of the areas ZAP helps testing mobile apps:
https://docs.google.com/document/d/1PdkvNh0SOy5fSIcmkuDMNCNxvlKRpdFseFX_lnoJUfg/edit?usp=sharing

If you have any ideas, feel free to feedback


Johanna Curiel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20160915/2a958c53/attachment.html>

• Previous message: [Owasp-leaders] AppSecUSA 2016
• Next message: [Owasp-leaders] https://www.owasp.org/index.php/Credential_stuffing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]