Nobody wants to develop insecure mobile apps, but mistakes can happen when people move quickly to meet a release timeline. Familiarize yourself with the Open Web Application Security Project (OWASP) Mobile Top 10 common mobile application security issues and adopt secure coding best practices to boost quality. In addition, continuously test apps in the dev toolchain with SAST, DAST and IAST automated mobile application security testing.
In keeping with our history of innovation and commitment to security, we are pleased to announce that NowSecure has achieved a significant milestone in completing a SOC 2 security audit. The report attests that NowSecure has controls which are suitably designed and effectively operated to meet our commitment to customer security. NowSecure is the first mobile app security vendor to achieve SOC 2 compliance.
Whether you’re a novice mobile app developer, a seasoned mobile application security analyst or somewhere in between, here’s a roundup of 31 best practices to hone your secure coding and mobile appsec testing skills. You can find useful advice from NowSecure experts in our twice-monthly “All Things Mobile DevSecOps” newsletter — subscribe now to be in the know.
Mobile app security vulnerabilities have put the U.S. Navy and Marines, the Ukrainian military, and military bases and installations around the world in harm’s way. Hackers and nation states could learn the locations of troops using the mobile apps, and in some cases could also access other highly sensitive operational information. Learn how National Information Assurance Partnership (NIAP) mobile app vetting requirements help reduce risk to federal missions.
Many mobile app developers with the best of intentions have rushed COVID-19 apps to Google Play and the App Store to assist with contact tracing, symptom diagnosis and outbreak maps. But in the speed to get apps that can help fight the pandemic out to the public quickly, some security and privacy vulnerabilities went undetected prior to release. Because the sensitive nature of healthcare information creates unique security and privacy challenges, I advise mobile app developers and security analysts to heed the following advice to avoid fairly common security, privacy and compliance issues.
In this dire time, the world is grasping for critical healthcare solutions to fight COVID-19. Incredible people have stepped up to leverage technology in meaningful ways to benefit humanity. The current stay-at-home orders afford app developers precious time to build innovative solutions that can help speed the return to normalcy. Thanks to our significant experience writing and testing the security of mobile applications, we’ve amassed a series of best practices that can guide the development of safe COVID-19 apps.