Android Security Training Course

Course Summary

Android Security is a three-day course focusing specifically on the various security concerns of the Android platform.

We explore the Android architecture and security model, permission system and enforcement, encryption, known exploits, memory protections, data protection, device management, SELinux, as well as tools security researchers use to find Android vulnerabilities. We also focus on best practices for coding and deploying secure Android apps. Learn what to do - and what not to do - to keep your apps, your business, and your customers secure.


Duration [top]

3 days.

Objectives [top]

The objective of Android Security training is to give you a solid understanding of inter-workings of the Android operating system, its security model, and ways to tighten potential security holes. By the end of this class, you will be able to identify the issues, and understand how to go about securing the system and applications running on them.

This class does not cover Android application development in Java nor C programming for the lower levels.

Audience [top]

The Android Security course is designed for security-conscious application developers and system integrators looking to tighten the security of both their devices as well as the applications running on them.

Prerequisites [top]

Android Overview training or any other NewCircle Android class that contains Android Overview module.

It is highly recommended that participants be familiar with basics of Java, C/C++, and Linux administration to fully take advantage of this course.

To refresh your Java skills, you can review NewCircle's Fundamentals of Java tutorial.

Additionally, knowledge of Eclipse is required. You could watch this 30-minute Eclipse tutorial to get up to speed.

Instructors [top]


Adam Breindel brings over 10 years of successes working with cutting-edge technology for small startups as well as major players in the travel, media/entertainment, financial, productivity, and consulting industries.

In addition to web sites, GUI applications, and mobile device software, Adam has also built high-volume middleware for one of the world's largest banks, and produced a new, modern integration to a 1960s-vintage mainframe app for one of the world's largest airlines.

Adam focuses on designing and coding systems in a way that yields predictable results, leverages best practices and high-productivity tools, minimizes excess code, and is fun to do. He has also spoken at tech conferences, written articles and skill assessments, and produced an open source tool for software development. Adam has enjoyed teaching large and small groups, covering topics from nuts-and-bolts Java programming to merging ideal process with real-world constraints in an organization.

More about Adam Breindel...

Outline [top]

  • Android Architecture Overview
    • Android Design Objectives 
    • Linux Kernel Layer 
    • Native User Space Layer 
    • Application Frameworks Layer 
    • Applications Layer 
  • Android Application Model Overview
    • Intents 
    • Activities/Services 
    • Content Providers 
    • Broadcast Receivers 
    • Binder/IPC 
  • Android Security Architecture
    • SELinux 
    • Application Signing 
    • User IDs 
    • File Access 
    • Permissions 
  • Essentials APIs and Best Practices
    • Storage 
    • Unique Identifiers 
    • Storing sensitive data 
    • Injection and Input Validation 
    • Side Channel Leaks 
    • WebView Specific Risks 
  • Advanced Android Security
    • Secure Boot 
    • Encryption 
    • Rooting 
    • Security of Memory 
    • Tap-Jacking on Android 
    • Device Administration 
    • Malware and Exploits

Student Testimonials [top]

Great class. Too bad didn't have time to do the exercise together. Having exercise/labs is excellent idea though. If you come up to Seattle/Bellevue, pls let us, T-Mobile Bellevue, know.

Milton - T-Mobile

Instructor is very knowledgeable on the topic. Great training!

Andres - Intel Corporation

Very good balance of Android basics and security topics. As someone knowing little about either coming in, I learned a lot.

Andy - Department of Defense