This course focuses on the essential security practices in Android app development. Learners will implement and evaluate various authentication mechanisms, including two-factor authentication and biometrics, to enhance user security. The course also explores different authorization types, such as OAuth, and teaches how to identify and manage risks associated with IDOR and uncontrolled sessions.
In addition to authentication and authorization, participants will learn to ensure application and device integrity through effective security practices. The course covers skills for handling and logging errors effectively in Android apps, as well as understanding and mitigating risks associated with third-party code, tamper protection, root detection, and social engineering. By the end of the course, learners will be equipped with the knowledge to develop secure Android applications.
Syllabus
- Access Control
  - This module introduces learners to access control mechanisms in Android app development. It covers authentication and authorization techniques, including two-factor authentication, biometrics, and OAuth. Learners will also explore session management and the risks associated with insecure direct object references (IDOR).
- Protecting Software and System Integrity
  - This module focuses on maintaining the integrity of applications and devices. It covers the risks of integrating third-party code, error handling, and testing. Learners will also study tamper protection, root detection, and social engineering risks.
- Final Exam
Taught by
Chrystine D Thorsen