Both static and dynamic security testing are essential components of the mobile app software development life cycle (SDLC). While Static Application Security Testing (SAST) tests snippets of source code, Dynamic Application Security Testing (DAST) fully exercises the compiled mobile binary as a user would. Read more about the misconceptions of DAST for mobile.
In early September, radare2 users and developers from around the globe gathered in Barcelona for r2con, an annual conference celebrating the r2 multi-platform, open-source, reverse engineering framework supported by NowSecure. Around 200 attendees enjoyed four days of hacking, teaching, discussing, coding, socializing and having fun.
NFL teams have redesigned their mobile apps to enhance the fan experience, both in stadiums and at home. Fans can turn to their smartphones for digital ticketing, live video streaming, in-seat concession ordering, contest participation and cutting-edge features like augmented reality. However, a NowSecure analysis shows most of these apps have privacy risks, especially on iOS.
OWASP’s Global AppSec DC 2019 takes place Sept. 9 – 13 in Washington, D.C. Find our picks for several training and conference sessions to build your knowledge about mobile DevSecOps and application security, book a meeting with us and visit Booth S7.
The use of insecure mobile apps is a problem recognized all too well by Avi Elkoni, chief technology officer and chief operating officer for Vaporstream. Chicago-based Vaporstream provides a secure communications app that it validates with NowSecure solutions and services.
“We have customers in regulated industries — people subject to HIPAA, those who work with financial information or in energy — and they’ve been dying for years to take information and share it with their mobile devices,” Elkoni says.
Check out this infographic to see how mobile has transformed organizations and why building security and privacy into the development process through mobile app sec testing simply makes good business sense.