SecureMe - Droid

About Us

Security Consultant at Security Compass Inc.

Active in…• Web, Mobile & Infrastructure Security• Research & Development, IoT (new!)• Quick-n-Dirty coder• Proud OSCP

About Us

Director India Ops at Security Compass Inc.

• Researching in SDLC and Agile Security• SafeCode TLC representative• Co-leading the Delhi chapters– Null (since March 2014)– OWASP (since June 2014)

• Founder member of (ISC)² Delhi Chapter

Where it started?

Where it started?

• SMD: SecureMe – Droid• Android security application• Scan installed/updating apps• NVD CVE database as source

SecureMe – Droid Overview

• No other app providing this feature• Some similar ideas:– Android OS security apps– Privacy apps

http://cmuchimps.org/– Trustable– Belarc

Birth of SMD

SecureMe – Design Consideration

• Secure by Design– Minimum Android Permissions

• Network Access• Boot Completed

SecureMe – Design Consideration

• Secure by Design– Minimum Android Permissions

• Network Access• Boot Completed

– Not accessing sensitive data

SecureMe – Design Consideration

• Secure by Design– Minimum Android Permissions

• Network Access• Boot Completed

– Not accessing sensitive data– Post scanning actions

• Uninstall unsafe app• Update app using Google Play

Store• Keep using app

– Why not disable app?

SecureMe – Design Consideration

• Secure by Design– Minimum Android Permissions

• Network Access• Boot Completed

– Not accessing sensitive data– Post scanning actions

• Uninstall unsafe app• Update app using Google Play Store• Keep using app

– Why not disable app?– Active over Mobile Data and WiFi

SecureMe – Design Consideration

• App Scanning– Pre/Already installed apps– Just installed app– Updated app

• Scan depth– Low, Normal, Medium– High, Intense

• Scheduled Scan

SecureMe Droid Internals

• Install SecureMe Droid– Google Play Store– Download from https://secureme.securitycompass.com/

SMD: Internals

• SecureMe Droid detects– New app installation– Existing app update– Scan any installed app

• No sensitive information

SMD: Internals (contd.)

• SecureMe Android Client and Server– HTTPS Communication

• Find security issues:– NVD CVE database

SMD: Internals (contd.)

• SecureMe Scan Results– App is safe – App is unsafe

• Uninstall App• Keep App• Update app using Play Store

SMD: Internals (contd.)

• Am I Vulnerable (AIV)• Re-branded to SecureMe – Droid (SMD)• AIV + ReBranding = SMD

Where is AIV?

Demo Time

Conclusion• Fun side project• First ever conference acceptance and rollout• You MUST use it and provide feedback!

Abhineet JayarajSecurity Consultant

Vishal AsthanaRegional Director, India Operations

THANK YOU!

abhineet@securitycompass.com vishal@securitycompass.com

W W W . S E C U R I T Y C O M P A S S . C O M