45 minutes | Mar 29, 2021

Mobile App Security - Tips For Securing Your Mobile Projects

This week, I want to talk about app security; specifically mobile app security; and being really, really specific Android app security; though the concepts will apply equally as well to iOS applications.App security is something that is vitally important to business and individuals that are possibly working with customer data, working with 3rd party services, or even working with your own services.Now while these security issues are serious, there also seems to be a rather glaring lack of security-focused information and discussion out there.So in this episode, I want to chat through a high-level overview of Android app security and some action items to help improve your project's security today.We'll talk about ways to improve your app; your source code; and your infrastructure.Chapters0:00 Teaser0:43 Overview3:41 Intro4:02 Why Is App Security Important?5:38 How Can We Minimize Security Risks?8:26 Minimizing Risk From Our App8:59 Obfuscating Our Code14:11 Securing API Keys19:24 Protecting Network Traffic24:45 Protecting User Data28:01 Securing Your Developer Identity35:00 Securing Your Source Code38:25 Protecting Your Development Machine40:28 Securing Your CI Infrastructure42:41 In SummaryResourceshttps://en.wikipedia.org/wiki/Obfuscation_(software)https://developer.android.com/studio/build/shrink-code#obfuscatehttps://r8.googlesource.com/r8https://developer.android.com/training/articles/security-confighttps://developer.android.com/studio/publish/app-signing#secure_keyhttps://docs.github.com/en/actions/reference/encrypted-secretsContacthttps://twitter.com/n8ebelhttps://goobar.dev/contact/
Play Next