Whether you’re a novice mobile app developer, a seasoned mobile application security analyst or somewhere in between, here’s a roundup of 31 best practices to hone your secure coding and mobile appsec testing skills. You can find useful advice from NowSecure experts in our twice-monthly “All Things Mobile DevSecOps” newsletter — subscribe now to be in the know.
Mobile apps are critical to enabling the U.S. federal agencies such as the U.S Department of Defense to meet their mission. Core to that mission is ensuring a high security testing bar for the mobile apps they build and use. Until now, completing that security compliance testing has been a complicated, time-consuming manual process that was built for web apps, not mobile apps. Today, NowSecure is announcing the world’s first automated NIAP Mobile App Vetting solution that supports NIAP v1.3 Mobile App Vetting Protection Profile for Application Software.
On a mission to save the world from unsafe mobile apps, NowSecure is excited to announce a new partnership with Cybrary to enable more people – anyone, anywhere – to upskill and deliver more secure mobile apps. The launch of Cybrary’s first mobile app security learning course marks a significant step towards closing the knowledge gap and building security into mobile apps by design. The best part? It’s free! Read on to get a synopsis of the course.
With the Android 11 preview beta being released last month, you may be scratching your head asking, “What did I miss in Android 10?” Developers will face a Nov. 2 deadline to update their mobile apps to accommodate a target SDK of Android API level 29 or higher. The addition of Scoped Storage ushers in noteworthy changes to external storage, otherwise known as public storage, SD card, shared storage, or emulated storage.
In accordance with our Pandemic Plan, NowSecure is taking proactive steps to help ensure the health and safety of our personnel, customers and partners while maintaining continuity of our business operations. We are very focused on serving and supporting our customers through these challenging times. As companies move to remote work, mobile app security and privacy is now more important than ever. The attackers will not stop due to COVID-19 and sadly will attempt to exploit the situation.
Reverse engineering refers to the process of taking something apart to see how it works. The NowSecure Services team frequently performs reverse engineering on mobile apps to uncover security vulnerabilities and privacy flaws. This tutorial will help you master the basics of analyzing an Android app and knowing what to look for.