IDC estimates that by the end of 2019, organizations worldwide will have spent more than $1 trillion on digital transformation initiatives. But organizations struggle to develop apps fast enough to satisfy business demand and security often falls by the wayside. Learn how mobile DevSecOps can support digital transformation by enabling companies to swiftly develop apps without compromising security.
Many people have heard about mobile man-in-the-middle (MiTM) attacks but aren’t sure just exactly what they are or how they happen. Learn more including the development and security issues that can leave apps vulnerable to MiTM attacks, tips for testing and the layers of network defense that can help you avoid these issues.
In the course of performing Android application security testing, I suspected that a library called libpac might be vulnerable to exploit. This vulnerability has been assigned CVE-2019-2205. Google deployed a fix and we recommend all users apply it to secure their devices against exploitation.
While corporations widely recognize the convenience and productivity enhancements that mobile applications deliver to their customers and employees, too few realize that mobile apps also can present significant security and privacy risks. It’s not difficult to find examples of mobile app data breaches that resulted in severe consequences, both in terms of money and corporate reputation. Given that smartphone apps account for 63% of total digital minutes, according to the Comscore “2019 Global State of Mobile” report, it stands to reason that attackers are going where the traffic is.
NowSecure enables organizations to leverage Microsoft tools such as Azure DevOps, Visual Studio, Visual Studio App Center and GitHub to ship software faster. Over the years, NowSecure has helped organizations automate security and privacy testing of mobile apps in their DevOps continuous delivery toolchains. We’re pleased to announce the availability of a new pre-built connector for Azure DevOps and Azure Pipeline CI/CD tools — the NowSecure Extension for Microsoft Azure DevOps. Devs can find the Azure DevOps extension in the Microsoft Visual Studio Marketplace. Formerly known as Visual Studio Team Services, Microsoft Azure DevOps provides developers with a suite of integrated tools.
To improve the guest experience and keep pace with competition, hotels worldwide are deploying digital key technology that allows guests to skip the front desk and use their mobile apps to remotely check in and go directly into their rooms without needing key cards. However, hotel mobile apps have vulnerabilities that can be exploited, as researchers demonstrated at the Black Hat USA 2019 conference.