A bunch of industry friends and colleagues were asked to provide security predictions for 2019. Here’s what we each had to say. Excerpt from Rapid7 Blog (https://blog.rapid7.com/2019/01/02/facing-the-future-rapid7s-2019-security-predictions/): Happy New Year! Whether you’re feeling rattled or relieved to leave 2018 in the rearview mirror, now is your moment to take one deep (and deserved!) breath before […]
Author: Shawn Valle
How Angry Is That Bird?
Repost from: Veracode blog. The news regarding the NSA and its British counterpart discussed how the Angry Birds app was targeted as a means to collect personal information about app users. Presumably the agencies were collecting data that the app was already accessing as part of its normal operations. What data is being accessed and […]
Cyber Training: Introduction to Android Forensics & Security Testing
Repost from: MITRE Cybersecurity. Mobile device security still tops the list of IT security concerns. In this post, we interview Shawn Valle about his 2-day training class, Introduction to Android Forensics & Security Testing. [Editor]: What topics do you cover in your class? [Shawn Valle]: The class covers exploitation of the Android operating system and […]
hReader iOS Mobile Application Security Audit
Here’s a report from the first publicly released security audit of an iPad app using the open-source security libraries developed by iMAS. This report shows that securing an iOS app isn’t too difficult and can greatly improve security without affecting usability, and that tools are now freely available (at Project iMAS). iMAS has partnered with hReader to bolster the […]
iMAS – iOS Mobile Application Security
Now Available! iMAS – iOS Mobile Application Security (January 2013). iMAS is a secure iOS application framework research project focused on reducing iOS application vulnerabilities and information loss. Now Available – iMAS and its first open source static security controls for download and use in iOS applications. Visit and browse our project to find out […]
Android Forensics & Security Testing
This is the publicly released slide deck that accompanies a 1-hour webinar that briefed the security (and anti-security) techniques of the Android operating system and applications. I developed a course, based on my years of experience with that platform, and shared my learnings at several public and privately hosted events. Here’s a link to the PDF […]
Android Secure App Development Guidance for DoD
Led research and development of a white paper on the technical details of developing Android mobile applications, with a focus on data security and software assurance. Leveraged emerging guidance from NIST and DISA for high assurance. Co-authors: Shawn Valle, Michael Peck. September 30, 2011. Executive Summary: Android applications developed for the US Department of Defense (DoD) are required to […]