Android Security Symposium 2017

Playing with your code: a new approach to avoid potential hackers from doing exactly this!

About the speaker

Hugues Thiebeauld

eshard, Bordeaux, France

Hugues Thiebeauld is CEO at eshard, a start-up focusing on security of mobile applications and IoT. Prior to founding the company (in 2015), he worked as security lab manager at UL, where he was responsible for growing the security evaluation lab and manage its accreditations. Using his technical expertise in attack techniques and his knowledge of the industry, he successfully built a team of experts (50+) located in 3 different regions (UK, France and Singapore). Prior to UL, Hugues worked at Oberthur and Thales in various cryptography and security evaluation related roles.

www.eshard.com

Abstract

eshard, a start-up in the field of mobile security and IoT, provides expert security
advice and tools to secure mobile applications and other connected devices. Our aim
is to facilitate the development process of mobile applications in order to achieve
the right level of security. However, how can you know that the correct security
protections have been implemented? How can you gain assurance that no one is able to
play with your binary code? Today, there is no other choice than inspecting codes
manually, which takes a lot of time and effort. Also, it seems checking the level
of security is always described as an area for experts only. Therefore, many
companies choose not to double-check the right implementation of security
protections. This may lead to weaknesses in the level of security, which is
undesirable. In this twenty minute presentation, eshard will explain how analyzing
binary codes can be done in a more efficient and cost-effective way, and how those
questioning the security of an implementation can benefit from this. Furthermore,
we explain how we try to ‘break free’ from the established way of looking at
security in mobile applications.

Slides

Get the slides here.

Video