Event details

Mandiant Academy Training Event

• Course: Practical Mobile Application Security
• Date: Monday, November 16, 2026 – Friday, November 20, 2026
• Time: 8:00 AM–2:30 PM, daily
• Time Zone: (UTC-07:00) Pacific Time (US & Canada)
• Cost: $5,000 USD or 5 units
• Delivery Method: Instructor-led, virtual delivery
• Location: Google Meet

At a glance

This 32-hour course equips participants with the fundamental knowledge and practical skills to assess the security of Android and iOS mobile applications. Participants learn through hands-on labs for each module, featuring unique, custom-developed scenarios and exercises based on real-world vulnerabilities, enabling participants to effectively identify and understand mobile security risks.

Prerequisites: Participants must possess the following technical skills:

• Familiarity with the Linux CLI
• Object-oriented programming fundamentals
• Web application testing experience

The following skills are recommended, although not required for the course:

• ARM/AARCH64 assembly familiarity
• Java, Kotlin, Swift, or Objective-C programming experience
• Experience testing thick-client applications
• Web services (REST, SOAP, JSON) testing experience

Course goals

After completing this course, participants should understand:

• Comprehensive mobile application testing capability: Participants will leave this course ready to test real-world applications as a hobby and professionally. This includes being able to download applications from a mobile device for analysis and overcoming common security hurdles including jailbreak/root detection, certificate pinning, and local storage encryption.
• Experience with industry standard and modern tooling: Participants will be ready to use Corellium to administer devices, make extensive use of Frida to manipulate mobile applications at runtime, and combine various other tools and techniques to complete mobile application assessments. Participants will also leave with the knowledge and capability to build and use their own test environment to meet their own testing needs.
• Static analysis and reverse-engineering techniques: Participants will learn effective workflows and techniques for static analysis and reverse engineering. This course will cover Android APK file and iOS IPA file structures and contents, along with reverse-engineering Dalvik bytecode, Objective-C, and Swift assembly (ARM). These crucial skills will enable participants to assess local data storage mechanisms, inter-process communications, platform usage, and supplement dynamic instrumentation with Frida.
• Inter-Process Communication (IPC) assessment techniques: Participants will gain the ability to effectively analyze and test common IPC mechanisms on both Android and iOS. This involves identifying exposed components (like Activities, Content Providers, or URL Schemes), interfacing with them using specialized tools, and discovering potential vulnerabilities such as data leakage or unauthorized actions through fuzzing and targeted analysis techniques.

Who this course helps

PMAS is a fast-paced technical course designed to provide participants with real world experience assessing mobile applications. The content is prepared for participants to possess a background in security fundamentals, threat modeling, object-oriented programming, and limited assembly (ARM) experience. Participants who are security engineers, application developers, and penetration testers will find this course most beneficial.

What to bring

1. A laptop with Google Chrome installed (must be able to access https://remotedesktop.corp.google.com/). Please note that corporate devices may block these resources so plan accordingly or use a personal device.
2. Access to a Gmail account (can be a personal account).

Participants will receive course materials and access to a testing environment during the course duration.