NOWSECURE UNVEILS FIRST AUTOMATED OWASP MASVS V2.1 MOBILE APP SECURITY AND NEW PRIVACY TESTING

NowSecure MARI is the industry’s first simple risk score based on millions of assessments that identifies third-party apps vulnerable to PII and IP exfiltration, supply-chain and MiTM attacks and sensitive data theft.

MARI Datasheet featured image 768X480
NowSecure Launches Mobile App Risk Intelligence Solution to Combat Threats to Customer and Employee Security, Safety and Privacy NowSecure Launches Mobile App Risk Intelligence Solution to Combat Threats to Customer and Employee Security, Safety and Privacy Show More
magnifying glass icon

By the end of 2019, organizations worldwide will have spent more than $1 trillion on digital transformation initiatives — and that’s just the start. IDC analysts expect the outlays to accelerate through the new decade with digital organization driving 50% of global GDP. Within a few years, annual spend on transformative projects will double.

Mobile apps rise front and center in all of these investments. According to the experts at Altimeter Group, mobility plays dominate two of the top three goals for digital transformation efforts.

That’s because mobility operates as the lynchpin of so many other digital transformation initiatives — apps make data analytics ubiquitous, cloud more powerful, AR/VR connected, and Internet-of-Things sensor data and device controls accessible. And the availability of 5G will greatly expand enterprise mobility, thus further increasing the profile of mobile apps in the enterprise.

Mobile App Development Delays

Fueled by digital innovation, demand for mobile app development has soared to unprecedented levels. That in turn tests the bounds of enterprise mobile app development capacity. Numerous reports show that organizations struggle to produce new mobile apps and features fast enough to sate organization and user demands.

For example, one study last fall showed mobile was the Achilles heel for digital transformation efforts, with some 84% of digital leaders reporting their approach to mobile app development was holding their digital transformation initiatives back. Almost half of organization leaders said that the inability to develop organization-supporting mobile apps negatively impacts their market competitiveness.

A more recent study of development capabilities illustrates the ‘why’ behind that sentiment: while web development teams have managed to increase their speed of meeting organization requirements, mobile development teams have just been treading water. Only 55% of organizations say they can deliver mobile apps within four months of a request from the organization, and mobile apps consistently remain in developer backlogs longer than web applications. It’s no wonder companies have begun to embrace mobile DevOps.

Organizations still have work to do in order to reduce the amount of process and tooling friction that grinds the gears of mobile development in order to help developers deliver mobile features faster. But that’s only a portion of the concerns that executives must address on the mobile transformation front.

At the same time that organization units demand speedier delivery of mobile apps, they’re also increasingly demanding a more mature security posture. Approximately 55% of digital transformation leaders say their top fear revolves around security concerns. That risk multiplies as mobile apps become integral to organization strategy.

Clearly, mobile dev teams can’t afford to leave security out of their execution plans for meeting organization requirements. Thus they need mobile DevSecOps.

Scaling with DevSecOps

Unfortunately in the race to deliver mobile features faster, the limitations of traditional appsec testing tools have historically caused security to be left behind. The older methods of scanning web apps for security bugs don’t transfer well to mobile. They’ve effectively become false positive friction factories for mobile development teams already straining to meet rapid turnaround times. And so mobile developers often work in a silo isolated from the stringent testing requirements of the rest of the development processes.

That was OK when mobile apps were an edge case in the enterprise software portfolio. But these days mobile apps are growing to be the main way customers interface with the organization and the way employees access critical data about customers and the organization. It’s no longer safe to allow these applications to run without proper security checks.

All of this adds up to a situation where organizations need to upgrade their processes and their tooling to deliver mobile apps faster AND more securely. It’s not an easy task, but adhering to DevSecOps practices can put both speed and security within within the reach of organizations both large and small.

To learn more about how to swiftly develop apps without compromising security, consult our new ebook, “The Ultimate Guide to Establishing an Effective Mobile DevSecOps Toolchain.” You’ll gain actionable information about seven key best practices that will smooth your organization’s mobile DevSecOps journey.