Book description
Battle-Tested Best Practices for Securing Android Apps throughout the Development Lifecycle
Android’s immense popularity has made it today’s #1 target for attack: high-profile victims include eHarmony, Facebook, and Delta Airlines, just to name a few. Today, every Android app needs to resist aggressive attacks and protect data, and in Bulletproof Android™, Godfrey Nolan shows you how.
Unlike “black hat/gray hat” books, which focus on breaking code, this guide brings together complete best practices for hardening code throughout the entire development lifecycle. Using detailed examples from hundreds of apps he has personally audited, Nolan identifies common “anti-patterns” that expose apps to attack, and then demonstrates more secure solutions.
Nolan covers authentication, networking, databases, server attacks, libraries, hardware, and more. He illuminates each technique with code examples, offering expert advice on implementation and trade-offs. Each topic is supported with a complete sample app, which demonstrates real security problems and solutions.
Learn how to
Apply core practices for securing the platform
Protect code, algorithms, and business rules from reverse engineering
Eliminate hardcoding of keys, APIs, and other static data
Eradicate extraneous data from production APKs
Overcome the unique challenges of mobile authentication and login
Transmit information securely using SSL
Prevent man-in-the-middle attacks
Safely store data in SQLite databases
Prevent attacks against web servers and services
Avoid side-channel data leakage through third-party libraries
Secure APKs running on diverse devices and Android versions
Achieve HIPAA or FIPS compliance
Harden devices with encryption, SELinux, Knox, and MDM
Preview emerging attacks and countermeasures
This guide is a perfect complement to Nolan’s Android™ Security Essentials LiveLessons (video training; ISBN-13: 978-0-13-382904-4) and reflects new risks that have been identified since the LiveLessons were released.
Table of contents
- About This eBook
- Title Page
- Copyright Page
- Dedication Page
- Contents at a Glance
- Contents
- Preface
- Acknowledgments
- About the Author
- 1. Android Security Issues
- 2. Protecting Your Code
- 3. Authentication
- 4. Network Communication
- 5. Android Databases
- 6. Web Server Attacks
- 7. Third-Party Library Integration
- 8. Device Security
- 9. The Future
- Index
- Code Snippets
Product information
- Title: Bulletproof Android™: Practical Advice for Building Secure Apps
- Author(s):
- Release date: December 2014
- Publisher(s): Addison-Wesley Professional
- ISBN: 9780133995121
You might also like
book
Practical Security
Most security professionals don't have the words "security" or "hacker" in their job title. Instead, as …
book
Penetration Testing: A Survival Guide
A complete pentesting guide facilitating smooth backtracking for working hackers About This Book Conduct network testing, …
book
Mobile Application Penetration Testing
Explore real-world threat scenarios, attacks on mobile applications, and ways to counter them About This Book …
book
Effective Cybersecurity: A Guide to Using Best Practices and Standards
William Stallings’ Effective Cybersecurity offers a comprehensive and unified explanation of the best practices and standards …