Blog

Featured Post

Q&A: What Is It Like to Be a Mobile App Pen Tester?

Because NowSecure was founded as a mobile application forensics company a decade ago, penetration testing is built into our DNA. We’ve tested thousands of Android and iOS apps on behalf of our customers, uncovered some scary vulnerabilities and helped customers improve the security of their mobile apps. The following is the third installment of an

Read Now >
Featured Post

Extend Your MDM with Third-Party Mobile App Risk Visibility and Control

The NowSecure Enterprise Mobile App Risk Management Service can give organizations peace of mind by filling the mobile app security gap not covered by MDM. Offloading the chore of vetting thousands of third-party and supply chain mobile apps for security vulnerabilities and privacy flaws frees agencies to focus on work that advances their mission.

Read Now >
Featured Post

How to Guard Against Mobile App Deep Link Abuse

Mobile app developers often use deep links to improve the user experience and engagement by helping users navigate from the web to their app. However, our security testing has found an easily exploitable vulnerability when deep links are used incorrectly for authorization purposes. This blog will explain how this vulnerability can be exploited and how to safeguard your app by using the more secure version of deep links, App Links.

Read Now >
Featured Post

Infographic: How to Spot a Fake Android App

Most of us know to think twice before downloading a mobile app from a source other than Google Play. But not everything from there is safe, either. Researchers have discovered hundreds of fraudulent Android apps that can compromise your security and privacy. Consult this infographic to know some of the telltale signs of a bogus Android app.

Read Now >
Featured Post

How to Deliver on DevSecOps While Winning Support from the DevOps Team

A mobile app security testing tool must meet the needs of your DevOps team and help them quickly find and fix vulnerabilities. Look for solutions that integrate with the Devs toolchain via plug-ins or APIs and interoperates with other tools to aid the mission of developing secure mobile apps faster.

Read Now >

Frida 12.3 Debuts New Crash Reporting Feature

The Frida 12.3 open-source software dynamic instrumentation toolkit offers an exciting new app crash reporting feature that provides more details about failed jobs and enhances iOS crash reporting. Learn about this new capability and how it saves Frida users time and improves the experience of NowSecure customers.

Shining a spotlight on privacy violations in children’s mobile apps

Amidst increasing concern over compliance with the Children’s Online Privacy Protection Act and data privacy, we tested 50 Android mobile apps for young kids for security and privacy risk. The findings show worrisome vulnerabilities in webview, network and Inter-Component Communication.

Make Time for These Six OWASP AppSec California Sessions

Heading to OWASP AppSec California conference next week? Make the most of your time there with our recommended picks for all things mobile application security, DevSecOps and open source.

Detecting Mobile AppSec Testing Vendor Bullsh#t (BS)

While mobile app security testing is fairly new, we still see a considerable share of BS from vendors. Inspired by a similar DoD document for Agile, we created our own list of crucial capabilities and key questions to ask prospective tool vendors.

2019 Predictions for Mobile AppSec and DevSecOps

With a new year upon us, now’s the time to peer into the crystal ball. Discover what NowSecure employees think 2019 holds for all things mobile application security and DevSecOps.

Greatest Hits: Our Top 10 Mobile AppSec Blog Posts in 2018

As 2018 draws to a close, it’s been a busy year in mobile application security. In a time of reflection, we offer a rundown of our Top 10 2018 articles about mobile appsec and DevSecOps. Which is your favorite?

PRIVACY DISCLOSURE: NowSecure uses first party and third party cookies to provide functions of this website and our services, to uniquely identify visitors, to analyze use of our website, and to target our marketing. You can choose to block cookies using your browser settings. By continuing to use our website or services you indicate your agreement. To learn more about the cookies we use and how we may collect and use your personal data, visit our Privacy Policy