n0ps

Certified Mobile AppSec Expert (CMAE) Review

The Certified Mobile AppSec Expert (CMAE) is a mobile security course focused on both iOS and Android platforms. The benefit of this exam is that it allows you to go at your own pace and does not require a full mock report, though you will need to be able to describe security vulnerabilities in detail, with proofs of concept and mitigation. Personally, I prefer a time-based test and mock report, similar to OffSec exams.

Background

I currently work as a Senior Mobile Security Engineer, so my day-to-day is a bit different in terms of the overall exam. My prior experience, though, is in security consulting, mostly with API, web, and mobile-based applications, so that reflects a lot of the material found in this course exam.

Preparation

I went through the entire iOS Application Security course; this was helpful in gaining a decent understanding of the course material and what is needed to pass the exam. Prior to this, I went through the eMAPT course and the Android 7aSecurity mobile security course. There are dedicated mobile applications that give an overview of the security topics described in each section of the course, so this gives you a good overview of the material to pass the exam.

Resources for Exam

Mock Applications

https://www.insecureshopapp.com/

https://github.com/prateek147/DVIA-v2

OWASP MASTG

https://mas.owasp.org/MASTG/

Who Should Take This Course?

I would say that if you are new to mobile security, at a junior or associate level, and want to up-skill in this area for career or educational purposes, this is a good course to start with. The Cyber Mentor PJMT could also be another good exam to start with.

In my experience, some mobile security training courses that focus on security are somewhat out of date. The content either does not show up-to-date jailbreak methods or does not cover newer tooling like Medusa, custom Frida scripting, or userland / kernel-based fuzzing. So this is a good entry-level course for the price point.