Although we recommend periodic in-depth pen tests for high-risk mobile apps that run business-critical processes or access sensitive information, this practice doesn’t scale well for DevOps teams. Mobile app pen testing requires intense human labor that simply can’t keep pace with the volume, velocity and frequency of DevOps releases. Many organizations can benefit from incorporating automated mobile appsec testing in the mobile DevSecOps toolchain to speed the delivery of secure mobile apps.
A keen focus on technology has helped fast casual company Sweetgreen expand across the nation. The company has plans to create a ‘food platform’ or integrated food system from supply chain all the way to delivery. Sweetgreen is but one example of mobile digital transformation that dramatically changes the way that companies interact with their customers, employees and partners. And attackers have taken notice of mobile.
Recent enhancements to the Frida open-source dynamic instrumentation toolkit greatly ease the process of conducting jailed testing. You no longer have to manually package the Frida Gadget in your target app. As long as the app is debuggable, Frida does that for you. This post will walk you through the process of using Frida on a jailed device.
What will 2020 hold for mobile application security? NowSecure predicts we’ll see an intensified focus on privacy, mobile DevSecOps gaining traction and ample activity around wearables and Internet of Things (IoT). Here are some of the mobile appsec trends and challenges that our experts anticipate we’ll see in 2020.
IDC estimates that by the end of 2019, organizations worldwide will have spent more than $1 trillion on digital transformation initiatives. But organizations struggle to develop apps fast enough to satisfy business demand and security often falls by the wayside. Learn how mobile DevSecOps can support digital transformation by enabling companies to swiftly develop apps without compromising security.
Many people have heard about mobile man-in-the-middle (MiTM) attacks but aren’t sure just exactly what they are or how they happen. Learn more including the development and security issues that can leave apps vulnerable to MiTM attacks, tips for testing and the layers of network defense that can help you avoid these issues.