Did you know that the mobile app supply chain contains more than 6 million apps? The SolarWinds breach underscores the need to continuously monitor the supply chain for security, privacy and compliance risks. Protect your enterprise with continuous mobile app vetting and risk management.
U.S. federal agencies such as the Department of Defense have adopted mobile DevSecOps to unleash speed and innovation. But risks are plentiful and mobile app security issues have put service members in harm’s way or potentially compromised intelligence. Including security in the mobile app dev process and vetting software supply chain components enables federal agencies to achieve continuous security through automation.
NowSecure analyzed a mix of 75 Android and iOS holiday mobile apps for security and privacy risks. Overall, the results of our benchmark testing were disappointingly poor. Among the holiday apps we tested, 94% have security issues and 82% leak private data which indicates users should proceed with caution.
Mobile apps have become a top target for attackers and a high-risk vector for users and businesses alike. In fact, Gartner has warned, “Through 2022, mobile application security failures will be the biggest mobile threat for enterprises.” In order for their digital transformation efforts to succeed, companies must offer an innovative mobile app user experience combined with proper security and privacy protections.
NowSecure recently added API Security Testing to its portfolio of automated mobile application security testing solutions. Based on the OWASP API Security Top 10, the new capabilities enable app development and security teams to dynamically discover API risks and vulnerabilities and address them quickly before software release. NowSecure API Security Testing taps the NowSecure advanced dynamic test engine to discover and generate a list of all mobile-connected APIs; warn of any mobile-connected APIs that may violate OWASP API Top 10 and recommend further action; and help users identify unapproved “shadow APIs” that put their businesses at risk.
NowSecure announces the release of NowSecure Workstation 6.0. The turnkey hardware and software kit that empowers analysts to quickly conduct deep mobile application security assessments of Android and iOS apps and generate customized reports with actionable results users can trust. Traditional mobile app penetration testing can consume at least two weeks of manual effort and requires ample expertise and an abundance of open-source tools. NowSecure Workstation reduces testing time from weeks to mere hours, driving dramatic 10x productivity gains and scalability.