Web Application Security-WhiteHat Security Products

Securing Mobile Applications with NowSecure

Mobile applications are used every day for activities such as making a doctor’s appointment, viewing medical test results, checking a bank balance, reading emails, filing expense reports, and much more. The Internet Society Global Internet report forecasts mobile internet penetration to reach at least 71% by 2019.

While they increase productivity and improve quality of life with easy and effortless access to information, mobile applications also create some unique and unforeseen security challenges; if not written properly, mobile applications can leak personal data and violate the user’s privacy. Data breaches via mobile applications cost organizations large sums in fines and judgements.

The use of personal devices for work, which is a commonly accepted practice, complicates matters further. One vulnerable app can put not only personal, but also corporate data at risk, and open a hole in the perimeter of network security. According to the 2016 BYOD & Mobile Security spotlight report, “one out of five organizations (21 percent) experienced a security breach through the use of BYOD or corporate-owned mobile devices.” Mobile application security is a serious concern for users, developers, and security teams.

At WhiteHat Security, we are pleased to be partnered with NowSecure, a leading mobile security platform provider, to enhance our best-in-class mobile application security testing solution. This partnership will enable us to further strengthen our Sentinel Mobile offering and better meet the needs of our customers. The new Sentinel Mobile Express, powered by NowSecure, provides:

  • Faster turnaround for mobile security testing: With new technologies and frameworks, app development has become easy with shorter dev and release cycles. With this partnership, Sentinel Mobile Express is a good fit for a quick app review, and includes all developer-signed binaries.
  • Better coverage: New technology enhancements that, combined with WhiteHat’s existing mobile application testing capabilities, include:
    • Behavioral testing: Analysis of permissions requested and actions performed by the application during dynamic testing.
    • Business logic assessment: Analysis of workflows to find vulnerabilities (e.g., in shopping cart or forgotten password workflows).
    • Network related testing: This includes broken SSL checks, sensitive data in transit checks, app transport security checks, etc.
    • Client-side testing: Extensive client-side testing including configuration, file system, and authentication-related checks.
    • Server-side testing: The testing process will exercise static code and identify vulnerabilities on the server side of the mobile application.
  • Integration with SDLC: With our Static analysis engine, Sentinel Mobile users can scan their application source code to find and fix vulnerabilities earlier in the development cycle.

NowSecure integration in Sentinel Mobile is expected to be available on November 1.

If you’re looking for a fast and accurate mobile security solution, you’ve got to take a closer look at Sentinel Mobile Express.  And if you have questions, comments or feedback, feel free to reach out to us. We’d love to hear from you!

Learn more by reading today’s announcement, WhiteHat Security Partners with NowSecure to Deliver the Industry’s Fastest, Most Accurate Mobile Application Security Testing Solution.

Tags: application security, Mobile Application Security, static analysis