[owasp_seraphimdroid_project] Mobile antivirus epic fail and how SeraphimDroid & ZAP can help

johanna curiel curiel johanna.curiel at owasp.org
Thu Sep 15 18:44:58 UTC 2016


Hi Zap and Seraphimdroid team

Recently I wrote an article regarding the security of mobile antivirus:
http://techbeacon.com/mobile-antivirus-introduces-vulnerability-how-devops-could-have-stopped-mess

Many OWASP resources and projects are actually mentioned as resources for
proper development lifecycle. Zap among others

I'm conducting a research on automation of apps security testing and one of
the apps I will be testing is Seraphimdroid.

I'll be using ZAP for the testing certain areas of the application and ZEST
scripts.

@Seraphimdroid team: I think , based on the mobile fiasco, if SeraphimDroid
enhances his security testing , patching the issues found, including a Bug
Bounty program, we will have a more secure app than any anti-virus and for
free ;-P

Right now I have a draft of the areas ZAP helps testing mobile apps:
https://docs.google.com/document/d/1PdkvNh0SOy5fSIcmkuDMNCNxvlKRpdFseFX_lnoJUfg/edit?usp=sharing

If you have any ideas, feel free to feedback


Johanna Curiel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_seraphimdroid_project/attachments/20160915/2a958c53/attachment.html>


More information about the Owasp_seraphimdroid_project mailing list