As a proud sponsor of the OWASP Mobile Security Project and the Global AppSec conference, NowSecure researchers helped develop and maintain the Radare2 Pay v1.0 Android crack-me app featured in the OWASP Mobile Security Testing Guide (MSTG). Intended to be similar to popular mobile payment applications, the Radare2 Pay app is difficult to crack. It features layers and layers of obfuscation and protection and anti-rooting technology in order to delay attacks.
Many people have heard about mobile man-in-the-middle (MiTM) attacks but aren’t sure just exactly what they are or how they happen. Learn more including the development and security issues that can leave apps vulnerable to MiTM attacks, tips for testing and the layers of network defense that can help you avoid these issues.
OWASP’s Global AppSec DC 2019 takes place Sept. 9 – 13 in Washington, D.C. Find our picks for several training and conference sessions to build your knowledge about mobile DevSecOps and application security, book a meeting with us and visit Booth S7.
Managers can find guidance for mobile app security verification and testing requirements from the OWASP Mobile Security Verification Standard (MASVS). We recommend using MASVS as a starting point for developing a plan of attack and standardizing testing using the Mobile AppSec Model. Learn more about it here.
As organizations dig into secure coding and testing best practices, they quickly discover a variety of sometimes confusing approaches and solutions for mobile app security testing. Security professionals and leaders alike can ease the process of finding the testing tools that best fit their needs by requiring mobile app security standards in their selection criteria.