Carlos Holguera

OWASP Mobile Security Project Lead / NowSecure, Mobile Security Research Engineer

Talk Title

Securing Mobile Apps with OWASP MASVS & MSTG






11:30 > 20 min


on Twitter

There are numerous ways of developing mobile apps today, but how do you ensure that your app is properly secured? What are the threats you should be concerned about and what can you do to avoid being an easy target? If you don't want to miss anything, leveraging a standard is essential. Google understands this very well and since April 2022 acknowledges developers who had their apps independently validated against the OWASP MASVS.

In this talk I'll introduce you to the OWASP MASVS (Mobile Application Security Verification Standard), which works together with the OWASP MSTG (Mobile Security Testing Guide) to help you understand the attack surface of mobile apps, how to exploit them and how to protect them. Both resources are crafted and are curated by a team of numerous experts and community contributors.

Speaker Bio

Carlos is a mobile security research engineer working with NowSecure and one of the core project leaders and authors of the OWASP Mobile Security Testing Guide and OWASP Mobile Application Security Verification Standard. Carlos has gained many years of hands-on experience in the field of security testing for mobile apps and embedded systems such as automotive control units and IoT devices. He is passionate about reverse engineering and dynamic instrumentation of mobile apps and is continuously learning and sharing his knowledge.