Seasides
Back to Schedule
trainingtechnical

Master Android Application Security: Hands-On Training

Day 2February 20, 2026
09:00 AM
Goa, India
Register Now

Overview

In today's mobile-first world, Android applications are integral to the digital ecosystem. However, many Android applications are prone to security vulnerabilities due to improper configurations, insecure coding practices, and a lack of proper security measures.

This hands-on, in-depth training will provide participants with the knowledge and skills necessary to:

1. Secure Android applications against common attacks

2. Reverse engineering techniques powered with AI

3. Provide solutions for mitigating these risks

Training Overview:

In today's mobile-first world, Android applications are integral to the digital ecosystem. However, many Android applications are prone to security vulnerabilities due to improper configurations, insecure coding practices, and a lack of proper security measures.

This hands-on, in-depth training will provide participants with the knowledge and skills necessary to

1. Secure Android applications against common attacks,

2. Reverse engineering techniques powered with AI, and

3. Provide solutions for mitigating these risks.

The training will cover both foundational and advanced aspects of Android Application security, enabling developers, security researchers, and enthusiasts to understand the full spectrum of Android application security.

With 1.61 million apps available on Google Play as of Nov 2025 and 40.2 thousand new apps launched in October 2025, the importance of ensuring secure Android applications cannot be overstated. This training will empower participants to build robust and secure applications that meet the challenges of today’s rapidly evolving threat landscape.

Key Learning Objectives:

By the end of this training, participants will be able to:

1. Understand the Android OS Security Architecture and key components involved in securing Android apps.

2. Intercepting the HTTP & HTTPS and bypassing Network Security Config

3. Implement the Certificate Pinning to prevent man-in-the-middle (MITM) attacks. Bypass and protection techniques.

4. Understand Deep links and vulnerabilities associated with it

5. Firebase db misconfiguration and related vulnerabilities

6. Detect and prevent root access on Android devices, and understand popular root detection techniques.

7. Runtime Application Self Protection (RASP)

8. Identify and mitigate insecure local data storage and sensitive data leakage in mobile apps.

9. Conduct reverse engineering with AI powered tools of Android apps and understand common bypass techniques.

10. Utilize Frida and Objection for runtime manipulation and dynamic analysis.

Identifying the secrets

11. Static analysis using various tools

12. Automation using Python

13. Understanding of DevSecOps, Shift-left Security and Role of AI

14. Scan Android applications for vulnerabilities using Secrets Scanning and tools like Mobile Security Framework (MobSF) in CI/CD.

15. Pre-commit hooks to identify and prevent vulnerabilities in developers' machines before pushing the code to VCM.

16. Protect mobile apps from common attacks on application components and implement best practices in security.

Meet the Trainer

Satish Patnayak

Satish Patnayak

Application Security Expert

Satish Patnayak is a seasoned application security expert with more than 14 years of experience. Specializing in mobile app security, he has collaborated with leading organizations to enhance the security of their Android applications. He is the creator of widely used security tools, including AndroGoat, ScanAndroidXML, S3CURE, SG-Cleaner, which are trusted by the security community. Satish Patnayak has presented at renowned conferences such as Black Hat, OWASP, and Null meetings, where he shares his deep knowledge of application security. His passion lies in educating developers on secure coding practices and advocating for greater awareness of mobile security threats. Certifications: 1. SANS GIAC Mobile Device Security Analyst (GMOB) 2. AWS Certified Security Specialty 3. Certified DevSecOps Professional (CDP) Open Source Projects: 1. AndroGoat – Vulnerable Android application developed using Kotlin. 2. ScanAndroidXML – Scanning tool to identify vulnerabilities in Android applications. 3. S3CURE - Scans Amazon S3 buckets for potential security vulnerabilities. 4. SG - Cleaner - Identifies and safely removes unused security groups in AWS. Public Presentations: 1. BlackHat Europe 2020 2. Null Hyderabad chapter meet – July 2023 on Shift-left Security – IaC 3. OWASP Hyderabad chapter meet –September 2018 on Dynamic Instrumentation using Frida 4. OWASP Hyderabad chapter meet –April 2016 on Android Security 5. OWASP Sofia Chapter 6. OWASP Bay Area Blogs: 1. https://medium.com/@satish.appsec 2. http://badnetizen.blogspot.in

View Profile →

Quick Info

Date

February 20, 2026

Time

09:00 AM

Location

Goa, India

Master Android Application Security: Hands-On Training | Seasides 2026