Get in Touch

Course Outline

Introduction

Overview of the OWASP Mobile Security Testing Guide for government

  • Key areas in mobile application security
  • The OWASP Mobile AppSec Verification Standard (MASVS)
  • Navigating the guide for government use
  • Mobile application taxonomy

Understanding Mobile Application Security Testing Basics

  • Mobile application security checklist for government
  • Fundamental testing principles for government applications
  • Setting clear testing objectives for government projects
  • Integrating security testing throughout the development lifecycle for government

Running General Testing Techniques for Mobile Applications

  • Authentication architectures for government apps
  • Testing network and cryptography for government applications
  • Evaluating code quality for government mobile apps
  • Assessing tampering and reverse engineering risks for government
  • User interaction security in government mobile applications

Exploring Android and iOS Platforms for Government Use

  • Overview of the Android platform for government
  • Data storage considerations on Android for government apps
  • Overview of the iOS platform for government
  • Data storage practices on iOS for government applications

Performing Security Testing for Android in Government

  • Basic security testing for Android applications in government
  • Testing data storage mechanisms in government Android apps
  • Evaluating local authentication methods for government Android apps
  • Assessing Android APIs (cryptographic, network, and platform) for government use
  • Code quality and build settings for government Android applications
  • Identifying tampering and reverse engineering vulnerabilities in government Android apps
  • Implementing anti-reversing defenses for government Android applications

Performing Security Testing for iOS in Government

  • Basic security testing for iOS applications in government
  • Testing data storage mechanisms in government iOS apps
  • Evaluating iOS APIs (cryptographic, network, and platform) for government use
  • Code quality and build settings for government iOS applications
  • Identifying tampering and reverse engineering vulnerabilities in government iOS apps
  • Implementing anti-reversing defenses for government iOS applications

Contributing to the MSTG Community for Government

  • Reading the MSTG for government insights
  • Contribution guide for government stakeholders
  • Submitting feature requests and feedback from a government perspective

Summary and Conclusion for Government Use

Requirements

  • A comprehensive understanding of the mobile app development lifecycle for government
  • Experience in mobile application development, security, and testing

Audience

  • Developers
  • Engineers
  • Architects
 21 Hours

Number of participants


Price per participant

Runs with a minimum of 4 + people. For 1-to-1 or private group training, request a quote.

Testimonials (2)

I really enjoyed learning about AI attacks and the tools out there to begin practicing and actively using for security testing. I took a lot of knowledge away which I didn't have at the beginning and the course met what I hoped it would be. My favorite part shown from the training was Comet Browser and was amazed at what it could do. Definitely something will be looking into more. Overall it was a great course and enjoyed learning all OWASP GenAI Top 10.

Patrick Collins - Optum
Course - OWASP GenAI Security

That every technical lesson came with multiple practical exercises to nail down the concepts.

Andrei-Calin Bajea
Course - OWASP Top 10 2025

Upcoming Courses

OWASP Mobile Security Testing Guide

2026-07-23 09:30
21 hours
PA, Philadelphia - International Plaza Dr Suite
$ 4054 (Online)
$ 5854 (Classroom)

OWASP Mobile Security Testing Guide

2026-08-06 09:30
21 hours
NY, Queens - Forest Hills Tower
$ 4054 (Online)
$ 5854 (Classroom)

OWASP Mobile Security Testing Guide

2026-08-20 09:30
21 hours
NY, Staten Island - 1120 South Avenue
$ 4054 (Online)
$ 5854 (Classroom)

Related Courses

From CI/CD and Devops to DevSecOps using OWASP Tools

 28 Hours
This course offers a comprehensive examination of the Software Development Life Cycle (SDLC) and its secure implementation through automation, integration, and adherence to best practices. Participants will acquire practical experience in incorporating DevOps and DevSecOps methodologies to bolster software security while ensuring operational efficiency. The curriculum also includes essential OWASP tools for threat modeling, SBOM integration, vulnerability tracking, and security testing within CI/CD pipelines, tailored to meet the unique requirements for government applications.
Read more...

DevSecOps Firefight: Breach, Fix & Fortify

 7 Hours
This world-class, cutting-edge, hands-on workshop immerses participants in the critical realities of modern CI/CD pipeline security. Tailored for government security professionals, DevOps engineers, and developers eager to master advanced pipeline breach defense, the training integrates live attack simulations with industry-leading tools and practical defense techniques, ensuring alignment with public sector workflows, governance, and accountability.
Read more...

Web Security Testing - Security and Testing of Web Applications using OWASP

 21 Hours

This instructor-led, live training (online or onsite) is aimed at developers, engineers, and architects seeking to secure their web apps and services for government.

By the end of this training, participants will be able to integrate, test, protect, and analyze their web apps and services using the OWASP testing framework and tools for government.

Read more...

OWASP GenAI Security

 14 Hours
In accordance with the latest OWASP GenAI Security Project guidance, participants will gain the skills to identify, assess, and mitigate AI-specific threats through practical exercises and real-world scenarios. This training is designed to enhance cybersecurity capabilities for government agencies, ensuring alignment with public sector workflows, governance, and accountability.
Read more...

OWASP Top 10

 14 Hours
This instructor-led, live training in US (online or onsite) is designed for government web developers and leaders who wish to explore and implement the OWASP Top 10 reference standard to enhance the security of their web applications. By the end of this training, participants will be able to strategize, implement, secure, and monitor their web applications and services using the OWASP Top 10 document for government.
Read more...

OWASP Web Security Testing Guide

 21 Hours
This instructor-led, live training in [location] (online or onsite) is aimed at developers, engineers, and architects who wish to apply the Web Security Testing Guide (WSTG) framework, principles, and techniques to secure their web applications and services for government. By the end of this training, participants will be able to: - Implement testing processes and techniques in the web development lifecycle using the WSTG. - Explore various testing techniques to tailor the WSTG framework according to specific business needs. - Conduct multiple security testing methods to safeguard web applications from risks and attacks. - Generate an assessment report to document security testing findings and results.
Read more...

How to Write Secure Code

 35 Hours

This Course in US aims to assist in the following:

  1. Enable Developers to master the techniques of writing secure code for government systems.
  2. Support Software Testers in conducting thorough security assessments before deploying applications to production environments for government use.
  3. Assist Software Architects in comprehending the risks associated with government applications and designing robust security frameworks.
  4. Help Team Leaders establish security baselines for developers working on government projects.
  5. Aid Web Masters in configuring servers to prevent misconfigurations that could compromise government systems.
Read more...

Secure Developer Java (Inc OWASP)

 21 Hours
This course provides an overview of secure coding concepts and principles using Java, aligned with the Open Web Application Security Project (OWASP) testing methodology. OWASP is a global online community dedicated to advancing the field of web application security by developing freely available articles, methodologies, documentation, tools, and technologies. The content is designed to enhance cybersecurity practices for government and other organizations, ensuring robust and secure software development processes.
Read more...

Secure Developer .NET (Inc OWASP)

 21 Hours
This course provides an in-depth examination of secure coding concepts and principles using ASP.NET, aligned with the Open Web Application Security Project (OWASP) methodology. OWASP is a global online community dedicated to creating freely available articles, methodologies, documentation, tools, and technologies in the field of web application security. The course delves into the security features of the .NET Framework and explores strategies for securing web applications. It is designed to equip participants with the knowledge and skills necessary to enhance security practices for government and other critical systems.
Read more...

Related Categories

OWASP
OWASP