The Real-World Mobile Application Pentesting Training Course (RMAP) is a highly-intensive mobile application security auditing training course designed to teach state-of-the-art practical technical methods and techniques for professionally executing a mobile application security audit or penetration test.
With the proliferation of mobile devices in today's modern environment, organizations are using more and more mobile apps & technologies to enable and facilitate user access to their data, systems and networks. Attending the RMAP will give attendees the opportunity to develop the skills necessary to perform in-depth technical security-testing of mobile applications.
Penetration testers and IT-security professionals who are already well-versed in network-layer and web-application penetration testing will find that mobile application pentesting comes with a completely different set of challenges which requires different approaches and skills. In line with our tradition of developing and providing cutting-edge real-world technical IT-security-centric courses such as the Organizational Systems Security Analyst, Organizational Systems Wireless Auditor® and Organizational Systems Web Application Pentester®, the RMAP takes a ground-up approach to educating attendees about all aspects of practical mobile application security-testing, beginning at understanding the code-level fundamentals of the two most popular mobile application platforms (Android and iOS) and expounding on mobile-application-specific protocols, mobile application dynamic analysis and mobile application exploitation techniques. Guiding the technical teachings throughout the course are applied principles from Sun Tzu's "Art of War" which add an additional dimension and timeless perspective to the art of mobile application pentesting.
This instructor-led, intensely practical, hands-on programme teaches a vendor-neutral and specialized approach to practical security testing of mobile applications. By equipping attendees with the proper knowledge and technical skillsets, the RMAP is intended to arm professional penetration testers and application developers with the proper skills, techniques and tools to conduct consistent and comprehensive mobile application security tests.
While the training course syllabus should be used to determine if this training-only course is appropriate for the attendee based on their current skills and requirements, the course aims to induct all attendees with the following:
A solid understanding about the security postures of mobile applications deployed over the two most commonly-used mobile operating systems used by both organizations and individuals;
How to prepare for and conduct mobile application security testing;
The ability to profile and analyze mobile application defenses;
Comprehensive technical understanding of how to exploit mobile applications using a wide variety of techniques;
Proper selection and usage of the appropriate tool for the relevant mobile application vulnerability; and
How to recommend countermeasures based on mobile security audit results.
IT-Security Penetration-Testers and/or Technical Auditors
IT-Security Practitioners and/or Technical Professionals
Mobile Application Developers and Programmers
and anyone who is looking to learn about how to conduct a technical vendor-neutral practical security-test against mobile applications.