When: January 25, 2011, 11:30am - 1:00pm

Topic: Smart Phones with Dumb Apps

Enterprises are targeting both internal users and customers with smartphone applications for platforms such as Apple iPhone and Google Android. Many of these applications are constructed without fully considering the associated security implications of their deployment. Breaches can impact both users as well as the enterprise distributing the application as attackers take advantage of expanded access to sensitive data and network services. This talk discusses emerging threats associated with deploying smartphone applications and provides an overview of the threat modeling process. The presentation then walks example applications from an attacker’s perspective demonstrating the sort of information they are able to extract allowing for more advanced attacks.

Who: Dan Cornell

Dan Cornell has over twelve years of experience architecting, developing and securing web-based software systems. As a Principal of Denim Group, he leads the organization's technology team overseeing methodology development and project execution for Denim Group's customers. He also heads the Denim Group application security research team, investigating the application of secure coding and development techniques to the improvement of web based software development methodologies. In addition, Dan Cornell performed as the CTO of BrandDefense, architecting and developing their cutting-edge intellectual property protection technologies. Over a one year period of development he brought their web-based intellectual property protection technologies through three major versions, surpassing the applications of well funded and entrenched competitors. Previously he was the Vice President, Global Competency Leader for Rare Medium's Java and Unix competency center, based in San Antonio, Texas with development centers in New York, San Francisco, Atlanta and Sydney, Australia. He directed the development of best practices and policy for the cornerstone of Rare Medium's technical development arm, specializing in server-side Java application development. Prior to its acquisition by Rare Medium, Cornell was a founder and Vice President of Engineering for Atension, Inc. where he led the technical development team and served as the architect for the company's internal engineering practices. In March 1999, Texas Monthly magazine named Cornell and his partners, Sheridan Chambers and Tyson Weihs, to its list of 30 "Multimedia Whizzes Under Thirty" doing business in Texas.

Where: National Instruments, 11500 N Mopac, Building C which is the tallest building on campus (8 levels). There will be signs posted in the lobby to direct you where to go and the receptionists will be able to assist you as well. See directions to National Instruments.

Cost: Always Free