Mobile app risk is not just a technical issue, it poses a serious business threat. That’s the central message speakers amplify in NowSecure Connect 2025: Avoid the APPocalypse, a virtual event at which industry leaders, security professionals and app development leaders gathered to confront the rising tide of mobile risk.
In his opening keynote, NowSecure CEO Alan Snyder underscored the urgency: mobile apps drive revenue, customer engagement and brand trust, making them prime targets for cyberattacks, privacy violations and business disruption. With mobile apps now surpassing web apps in revenue generation and deeply embedded in operations, organizations can no longer afford to underinvest in mobile app security. That’s why forward-thinking businesses are building mobile application risk management (MARM) programs to safeguard sensitive data and maintain brand reputation.
Did you miss NowSecure Connect 2025? It’s not too late! Register to watch the NowSecure Connect 2025 replay recordings to gain expert insight on how to prevent the next big breach by embedding security early in the development lifecycle, taking advantage of automation and gaining visibility into third-party risks.
Organized in security executive and practitioner tracks, the conference features real-world case studies and partner insights along with hands-on technical sessions and observations about the growing impact of AI in reverse engineering. The event also features updates on the OWASP Mobile Application Security Project and technical training sessions on tools like Frida and Radare.
Follow below for more details about the sessions at a glance.
Did you miss NowSecure Connect 2025? It’s not too late!
Mobile Risk Insights for Everyone
Mission Critical – Why Mobile App Risk Is Business Risk in Safety-Driven Industries
NowSecure CEO Alan Snyder led a fireside chat with Matt Anderson of Humana and Garrett Schumacher of Velentium. Both speakers stressed the importance of mobile app security in protecting sensitive health and medical data. Velentium focuses on the dual risks of safety and security in medical devices and the impact of regulatory compliance on business operations, while Anderson explains the significance of data risk management in maintaining consumer trust and ensuring secure data exchange. Learn their recommendations for the must-have technologies and practices of defense-in-depth approaches.
From Periodic to Persistent: Rethinking Pen Testing with PTaaS
Experts from NowSecure and Synack cover how traditional point-in-time testing no longer suffices due to the rapid evolution of threats. Learn how defense-in-depth strategies include both mobile threat defense and app-specific security and privacy measures.
Mobile App Risk – Trends and Predictions
NowSecure CEO Alan Snyder emphasizes that mobile app risk is business risk and underscores the critical role mobile apps play in driving revenue, operations and customer engagement. He explains that mobile apps require tailored risk management strategies and urges organizations to adopt automated, standards-based mobile app security programs that cover both first- and third-party apps to prevent operational disruptions and protect privacy.
Executive Outlook on Mobile App Risk
End-to-End Application Security for AI-Driven Development
Rapid adoption of generative AI tools such as ChatGPT and GitHub Copilot speed software development and the rise of citizen developers who lack formal security training increases risk. Brian Murphy of NowSecure and Vishrut Iyengar of Black Duck discuss how Black Duck’s application security with NowSecure mobile app security testing helps organizations gain comprehensive, scalable protection across the full app lifecycle — from development to runtime— while maintaining innovation and regulatory compliance.
What CISOs May Miss About Mobile – Ed Amoroso’s Hard Truths and Strategic Advice
TAG Cyber CEO Ed Amoroso chats with Brian Murphy about the importance of mobile as an attack vector, AI, data leakage and the risks of not vetting third-party apps due to misplaced reliance on Apple and Google for security. Amoroso advocates for quantifiable, risk-driven strategies that prioritize mobile app data leakage prevention, call for greater security testing earlier in development and warns that while AI is transformative, leaders must approach its security implications thoughtfully and pragmatically.
Secure the Pocket: Defending Mobile Devices and Apps in a Spyware-Driven World
Adam Boynton of JAMF explores the evolving mobile threat landscape and reveals that only 10% of security budgets focus on mobile protection. However last year, 39% of organizations had devices with known vulnerabilities and phishing attacks proved to be more effective on mobile. The session covers trends in mobile security solutions such as mobile device management, threat defense and forensics tools.
What the Board Needs to Know: Privacy & Compliance in the Mobile Era
NowSecure Co-Founder Andrew Hoog and Steven Roosa, partner with Norton Rose Fullbright, discuss board of directors and mobile security and privacy compliance obligations. As someone who is both technical and an attorney, Roosa anticipates an explosion of risk and litigation and regulatory action. He shares insight about the type of information to share with senior leaders and conveys tips for making it easily consumable and understandable.
AI Risks and Detection in Mobile Apps
OWASP MASTG and MASVS Project Leader Carlos Holguera highlights how AI introduces business risk. He covers how hidden AI components can lead to data leakage, regulatory compliance violations and IP theft. Learn how transparency, AI model tracking and adherence to standards like OWASP MASVS can help executives safely adapt to AI in apps while protecting their organizations.
525,600 Assessments Later – Top Mobile App Risks Since 2022
NowSecure Co-Founder Andrew Hoog shares findings from more than half a million mobile app security assessments conducted over the years. The analysis uncovered widespread issues such as outdated or weak encryption, hardcoded encryption keys and known vulnerabilities in third-party components. These results point to the need for mobile app risk management programs to protect against these gaps.
Tech Talks- Meet the Experts
Read More
Actionable Advice for Practitioners
Mobile Application Risk Management in Action
NowSecure Senior Vice President of Customer Success Katie Bochnowski shares common challenges customers face in building MARM programs and details how NowSecure addresses those needs through policy management, assessment comparisons, seamless DevSecOps integrations, AI component detection and third-party app vetting at scale. She also shares some details about exciting product enhancements coming later in the year.
Beyond the Checklist: Warner Brother Discovery’s Approach to Mobile App Risk Management
Chidanand Bangalore, lead mobile security engineer for Warner Brothers Discovery, discusses how his company defines business risk when classifying apps. Factors such as data sensitivity, scale of user base, technical risks, regional compliance requirements and organizational impact shape the media and entertainment titan’s security investment decisions. Learn how his company built a standards-based approach to securing mobile apps and the technologies and practices they rely on to root out risk.
OWASP MAS Standard Update
OWASP Mobile Application Security Project Leader Carlos Holguera celebrates three years of NowSecure MAS Advocate contributions and presents major updates to the project. Highlights include the pending release of MASTG version 2, which includes enhanced documentation, sample apps, demos and new structured tests. These improvements give practitioners practical resources for trusting and verifying mobile app security weaknesses.
Reversing Forward with r2AI
The creator of Radare, Sergi “Pancake” Alvarez, provides an update on the latest features and enhancements coming to the tool and what AI enhancements users can expect.
Hack to the Future
NowSecure Vice President of Research Dawn Isabel, Tennisha Martin of Black Girls Hack, Katie Paxton-Fear of Manchester Metropolitan University and Jasmine Jackson of The Accelerated Training Program reprise their popular cyberthreats discussion for 2025. The cybersecurity experts talk about industry challenges, advice for job seekers in the age of AI and vibecoding and what technologies they’re watching.
Catch up on any sessions you missed by watching back NowSecure Connect 2025. By the conclusion of the event, participants are equipped with actionable strategies and knowledge to reduce risk and safely speed secure mobile innovation.
The post What You Missed at NowSecure Connect 2025: Mobile Security, Privacy & Compliance Trends appeared first on NowSecure.