Enterprises are targeting both internal users and customers with smartphone applications for platforms such as Apple iPhone and Google Android. Many of these applications are constructed without fully considering the associated security implications of their deployment. Breaches can impact both users and the enterprise distributing the application as attackers take advantage of expanded access to sensitive data and network services. Dan Cornell discusses in this talk delivered at the December 7, 2010 OWASP Minneapolis-St. Paul (OWASP MSP) chapter meeting the emerging threats associated with deploying smartphone applications.
More information about OWASP is available at owasp.org. Follow OWASP MSP, host to OWASP AppSec USA 2011 conference to be held in September 2011, at twitter.com/owaspmsp and owasp.org/index.php/Minneapolis_St_Paul.