Case Study: How to Strengthen Mobile App Security TestingPosted by Amy Schurr
No two organizations face the same challenges in securing their mobile applications — variables include the type of mobile app, frequency of release, maturity of the application security testing program, staffing levels and a host of other factors. But what many companies have in common is that they rely on NowSecure automated mobile application security testing solutions and services to verify the apps they build and buy are safe for use by customers and employees.
Critical COVID-19 Mobile App Requires Compliance
When clinical informatics company My Own Med, Inc., developed a healthcare app with COVID-19 resources for the Drexel University community, Chief Digital Officer Trang Gisler realized the app needed to be secure and protect private information. The Drexel Health Tracker app for Android and iOS enables users to track health, access FAQs and connect with Drexel Health Resources. Users can select symptoms such as a fever, cough or shortness of breath.
“I wanted an organization like NowSecure to provide us with robust testing, especially because we have patient-facing mobile apps that are subject to regulations,” Gisler says. “We wanted to ensure complete quality testing of regulatory and legal parameters such as HIPAA.”bu
After researching and exploring testing options, Gisler determined that a mobile application security assessment conducted by NowSecure experts was the best course of action. MyOwnMed provided NowSecure with the app binaries and less than 24 hours later, the NowSecure Services team delivered a comprehensive report outlining the Drexel Health Tracker app security and privacy vulnerabilities.
“They have a fantastic team and are very responsive — we were happy with both the fast response and the quality of the team,” says Gisler. “Everybody was on board to get the work done quickly.”
Speed was of the essence in delivering a healthcare app as the pandemic was taking hold across the United States. “We reached out to NowSecure and were pleased that they rapidly responded in 24 hours to test our mobile app so we could speed it to market from start to finish in just a few weeks,” said MyOwnMed CEO Vicki Seyfert-Margolis CEO.
Thanks to the services engagement, MyOwnMed uncovered security, privacy and compliance vulnerabilities in the app and received detailed recommendations for vulnerability remediation. After fixing the vulnerabilities that were found, MyOwnMed had NowSecure retest the app and was able to quickly deliver an app that helps research and curb the spread of the coronavirus. Discover more about the MyOwnMed mobile application security engagement in this case study.
Sensitive Messages Demand Privacy
Longtime NowSecure customer Vaporstream makes a secure communication platform that enables confidential and leakproof conversations, disappearing messages and advanced content controls. The company helps organizations in energy, finance, government, healthcare, higher education and law safeguard their data while maintaining compliance. Organizations in highly regulated industries require verification that the solutions they use are secure and private by design.
That’s where NowSecure comes in. Vaporstream uses NowSecure Platform – automated mobile application security testing software – to pinpoint vulnerabilities and provide confidence that the code is free of security, privacy and compliance issues prior to release. The NowSecure SaaS solution integrates into the CI/CD toolchain to deliver full-coverage assessments within 15 minutes and automatically notifies developers of any security or privacy issues.
Such a tool fits in well with Vaporstream’s culture centered around security and privacy. “From the moment NowSecure introduced the solution to us two years ago, it was clear that it deserved a place in our testing process,” said Vaporstream Chief Technology Officer Avi Elkoni.
In addition, Vaporstream engages NowSecure to conduct a yearly independent third-party mobile app security and privacy validation for auditing purposes. This certification gives Vaporstream customers the assurance that the Vaporstream messaging solution is safe to use in their enterprises.
“Don’t trust any company that tells you they’re secure but hasn’t had an appropriate expert third-party verification,” advised Vaporstream CEO Galina Datskovsky. “An impartial third-party assessment is really the only way to double check and triple check.” To learn more about how Vaporstream benefits from its relationship with NowSecure, refer to the full case study.
Discover Why Customers Choose NowSecure
Finally, see what other NowSecure customers say about how our automated application security and DevSecOps testing solutions and services solve their challenges to help cost effectively speed the release of secure mobile apps.
Experience the power of NowSecure Platform yourself by obtaining a demo or consulting with our expert services team.