Mobile application security risks

Security experts have already agreed on the fact that the increased use of personal mobile devices and smartphones for work purposes is one of the biggest threat to the security of business data.

In this podcast recorded at the RSA Conference Europe 2011, Chris Eng, VP of Research at Veracode, talks about mobile application security and the encouraging trend of companies trying to understand the risks tied to their use.

He talks about research performed both Veracode and other companies that revealed the extent to which a great number of mobile apps are – intentionally or not – “hemorrhaging” data and harming users, and points out the most common intentionally included malicious behaviors and coding vulnerabilities found in currently offered apps.

Listen to the podcast here.

Chris Eng is Vice President of Research at Veracode, where he helps define and implement the security analysis capabilities of Veracode’s service offerings. He is a regular speaker at information security conferences including BlackHat, OWASP, and RSA, and has presented on a diverse set of application security topics ranging from attacking cryptography to building an SDLC.

Chris’ professional experience includes stints at Symantec, @stake, and the US Department of Defense, where he specialized in software security assessments, penetration testing, and vulnerability research. During RSA 2011, Chris was awarded “Best Security Blog Post of the Year” for a satirical video that inadvertently destroyed the respectability of the term “Thought Leader” for the entire security industry.