Static Code Analysis and Certificate Pinning: Meet Your New Best Friends
Smartphones are an essential part of our lives. We rely on them for information and communication. Every new technology introduces security risks and the mobile field is not immune to this process. The aim of this talk is to show how Sisal protects its applications both at the coding and runtime phases using static code analysis techniques and certificate pinning. The former allows developers to prevent vulnerabilities in the earlier stages of software development. The latter is capable of preventing attackers from analyzing the functionality and how the application communicates with servers.