Update MSTG with changes in Android 8 (Oreo)

Track: Mobile Security
When: Tue PM-1, PM-2
Organizers Sven Schleier
Participants Carlos Holguera , Arne Zismer

The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the controls listed in the OWASP Mobile Application Verification Standard (MASVS).


With every (major) release of Android security controls are added/changed or may become obsolete. This session is to identify these changes in Android 8 and to update the MSTG along the way.


An updated Android chapter in the MSTG that covers the latest changes of security controls in Android 8. The MSTG is hosted in Github and can easily be edited by anyone, just a Github account is needed and knowledge on how to create a pull request.


The target audience for this Working Session is:

  • Android Developers
  • Penetration Testers

Everyone else who is interested in mobile security and some technical know-how :-)


Android Security Android Oreo

Register as participant

To register as participant add Update MSTG with changes in Android 8 (Oreo) to either:

  1. the sessions metadata field from your participant's page (find your participant page and look for the edit link).
  2. or the participants metadata field from this git session page

Back to list of all Working Sessions