Mobile app developers often use deep links to improve the user experience and engagement by helping users navigate from the web to their app. However, our security testing has found an easily exploitable vulnerability when deep links are used incorrectly for authorization purposes. This blog will explain how this vulnerability can be exploited and how to safeguard your app by using the more secure version of deep links, App Links.
Most of us know to think twice before downloading a mobile app from a source other than Google Play. But not everything from there is safe, either. Researchers have discovered hundreds of fraudulent Android apps that can compromise your security and privacy. Consult this infographic to know some of the telltale signs of a bogus Android app.
While mobile app security testing is fairly new, we still see a considerable share of BS from vendors. Inspired by a similar DoD document for Agile, we created our own list of crucial capabilities and key questions to ask prospective tool vendors.
As DevSecOps teams incorporate mobile application security testing into the build pipeline, they need the process to be painless. Follow these smart strategies for selecting and implementing an automated testing tool that keeps pace with the mobile app release cycle and helps ensure security, compliance and privacy.
Popular low or no-code mobile application development platforms empower new ranks of citizen developers. However, the tools can also shortchange application security and must be properly tested before the apps are rolled out. Learn some best practices for safely incorporating these app dev platforms into your organization.
Keeping pace with ever-increasing mobile security threats is a team sport that requires the support and performance of many key players. Here at NowSecure, our security research team spends countless hours helping our customers find and fix vulnerabilities to secure their mobile apps. The research group at NowSecure holds multiple responsibilities. Part of its mission