Evaluating mobile applications for compliance with National Information Assurance Partnership (NIAP) security requirements can be a lengthy, costly process without automation. But not all NIAP mobile app vetting tools are created equally, so federal government agencies should choose carefully. Some solutions only support partial implementation of NIAP requirements, use an older version or lack complete detail and accuracy that leaves your organization at risk. Learn what questions to ask vendors to choose a tool that meets your needs.
NowSecure Mobile Security Researcher Dawn Isabel has been an avid contributor to bug bounties over the years and has earned many accolades. Before joining the expert research team at NowSecure, Isabel amassed well-rounded experience at IOActive, Hewlett Packard Enterprise, the University of Michigan and Ford Motor Company. We recently spoke with
Isabel about testing the security of iOS and Apple Watch apps, the bug bounty community, and the tools she uses most.
NowSecure announces the release of NowSecure Workstation 6.0. The turnkey hardware and software kit that empowers analysts to quickly conduct deep mobile application security assessments of Android and iOS apps and generate customized reports with actionable results users can trust. Traditional mobile app penetration testing can consume at least two weeks of manual effort and requires ample expertise and an abundance of open-source tools. NowSecure Workstation reduces testing time from weeks to mere hours, driving dramatic 10x productivity gains and scalability.
Nobody wants to develop insecure mobile apps, but mistakes can happen when people move quickly to meet a release timeline. Familiarize yourself with the Open Web Application Security Project (OWASP) Mobile Top 10 common mobile application security issues and adopt secure coding best practices to boost quality. In addition, continuously test apps in the dev toolchain with SAST, DAST and IAST automated mobile application security testing.
In keeping with our history of innovation and commitment to security, we are pleased to announce that NowSecure has achieved a significant milestone in completing a SOC 2 security audit. The report attests that NowSecure has controls which are suitably designed and effectively operated to meet our commitment to customer security. NowSecure is the first mobile app security vendor to achieve SOC 2 compliance.
No two organizations face the same challenges in securing their mobile applications — variables include the type of mobile app, frequency of release, maturity of the application security testing program, staffing levels and a host of other factors. But what many companies have in common is that they rely on NowSecure automated mobile application security testing solutions and services to verify the apps they build and buy are safe for use by customers and employees. Learn how MyOwnMed and Vaporstream have strengthened security of their mobile apps and the successes they’ve enjoyed thanks in part to their use of NowSecure services and solutions.