App Security at Android Summit 2020!
I’ll be presenting as part of Android Summit 2020, which has moved from the Washington DC area to the Web due to the pandemic, as have so many other events.
This year, I wanted to return to a subject that I have presented on many times before: app security. Generally, this subject is a bit of a backwater — Android experts are orders of magnitude more likely to write or talk about animations than security.
However, in the 2020 edition of the Android Summit, it seems like there will be a few presentations on security. This is a welcome change! However, it means that my planned “survey of app security” talk isn’t a great fit.
So, I’m going to be tweaking it slightly, focusing on modern app development and where security comes into play:
-
How (and when!) do we think about security in an agile/SCRUM world?
-
Where can security flaws come from? (hint: it’s not just your code)
-
How do we automate security checks the way that we automate our testing?
-
And so on
I’ll be using concrete examples of problems along the way to illustrate these sort of “AppSecOps” or “DevSecOps” topics.
The Android Summit is being held October 8-9. I do not know right now exactly when I will be speaking, other than it will be in the US East Coast afternoon or early evening. This is OK for the Western Hemisphere; if you are elsewhere, you may wind up needing to wait for the conference video to be published.
But, at the same time, since this is being held online, anyone can attend, not just those who are in position to get to DC! Visit https://www.androidsummit.org/ for details on getting tickets and, in the coming weeks, the complete event schedule.
I look forward to seeing you (virtually) there!
