Static Code Analysis and Certificate Pinning: Meet Your New Best Friends


Smartphones are an essential part of our lives. We rely on them for information and communication. Every new technology introduces security risks, and the mobile field is not immune to this process. The aim of this talk is to show how Sisal protects its applications at both the coding and runtime phases using static code analysis techniques and certificate pinning. The former allows developers to prevent vulnerabilities in the earlier stages of software development. The latter is capable of preventing attackers from analyzing the application's functionality and how it communicates with servers.

Language: English

Level: Intermediate

Claudia Foglieni

Mobile Lead Architect - Sisal S.p.A.

Lead Architect for native mobile applications on the Android and iOS operating systems. Specialized in digital payments on every device for an omnichannel solution. The main focus is a fast, smooth and seamless customer journey. Co-author of "Retrieving Sensors Data in Smart Buildings Through Services: A Similarity Algorithm", presented at ICSOC Workshops 2014.


Lorenzo Boaro

Mobile Architect - Sisal S.p.A.

I currently work as a Software Engineer in Milan. I have more than five years of work experience with iOS. I started with Objective-C in 2010 and Swift in 2015. In September 2017 I joined Ray Wenderlich, where I’m a writer for the tutorial team and tech editor for the video team. During my career I also worked with Java, Xamarin, .NET Framework for Silverlight web apps and JavaScript / HTML / CSS for web and hybrid mobile apps. I like to keep up to date on new technologies and to experiment with new stuff.
