Silent Saboteurs: Preventing Supply Chain Attacks in Mobile App Security
Mobile app development is full of dependencies and risks that you often don't control or even see. Third-party libraries, SDKs, and automated build systems speed up delivery—but they also open the door to hidden vulnerabilities. One compromised component in your supply chain can quietly expose sensitive data, leak IP, or damage your business before anyone notices.
Join Quokka for a practical discussion on how supply chain attacks target mobile apps—from malicious SDKs to compromised CI/CD pipelines. We’ll break down vulnerabilities in the mobile app supply chain and show steps you can actually take to reduce risk—without slowing down your dev team.
Key Takeaways:
- Real-world examples of mobile app supply chain breaches
- How attackers exploit third-party code and CI/CD environments
- Practical risk reduction strategies: SBOMs, code signing, runtime checks
- How to shift security left, without dragging down development
If your apps rely on third-party code—and they do—this session is worth your time. Register today!
Speaker Details
Ilya Dreytser has been testing mobile apps for security, performance, and functionality for the past 7 years. Previously Ilya presented at DroidCon, Div0 in Singapore, and various OWASP and ISSA events. Known for his engaging speaking style, Ilya’s journey began as a developer before transitioning into customer-facing work in security testing. He has a unique ability to break down complex mobile vulnerabilities into easy-to-understand concepts while providing real-world solutions. When he's not diving into mobile security, you might catch him enjoying the sunshine after years of basement coding!
Ilya is currently the VP of Solutions Engineering and Customer Success at Quokka. He is a senior leader of the customer engineering organizations with over 20+ years of experience in software development, pre-sales engineering, enterprise sales, and post-sales consulting and training.
Event Topic
Cybersecurity, DevOps/DevSecOps, MobileRelevant Audiences
National Guard, Coast Guard, Central Intelligence Agency, Department of Agriculture, Department of Commerce, Department of Defense, Department of Energy, Department of Health and Human Services, Department of Homeland Security, Department of Housing and Urban Development, Department of Interior, Department of Justice, Department of Labor, Department of State, Department of Transportation, Department of the Treasury, Environmental Protection Agency, Federal Aviation Administration, Federal Communications Commission, Food and Drug Administration, Federal Emergency Management Agency, General Services Administration, Government Accountability Office, National Aeronautics and Space Administration, National Institute of Health, National Security Agency, U.S. Census Bureau, U.S. Office of Personnel Management, U.S. Postal Service, Veterans AffairsOther Agency
Office of the President (includes OMB), Other Federal Agencies, Judicial Branch Agencies