COD 110 – Fundamentals of Secure Mobile Development

Course Overview

This course introduces developers to mobile environment threats and risks and presents secure programming principles to mitigate them.

Topics include:

• Common threats to mobile applications: client-side injection, sensitive data handling, network transition, application patching, web-based attacks, phishing, third-party code, location security and privacy and denial of service
• Defensive coding techniques: input validation, output encoding, least privilege, code signing, data protection at rest and in transit, avoiding client side validation, and using platform security capabilities as they apply in mobile environments
• Threat modeling of mobile applications