To pin or not to pin: SSL pinning for Android & iOS

Should you pin? And if so: on what? On the certificate? On the public key? Should you follow http public Key pinning? And to which certificate: leaf, intermediate or root? And how can you easily do this with Android and iOS? In this talk we will briefly go to the highlights on pinning on mobile and if you do it, how you can best apply it. Jeroen Willemsen is a security architect with a passion for mobile and risk management. He loves to work on secure building blocks, security automation pipelines and embedding information security risk management controls in an agile environment. He is dedicated to help developers, product owners and architects to take security seriously in their daily development life (but not too serious of course ;-)).