Before joining the NowSecure research team this year, Grant Douglas worked as a mobile security consultant and has hundreds of mobile app pen tests under his belt. In this Q&A discussion, he shares insight about the differences between an attack and builder mindset, his favorite mobile appsec tools and technologies and his passion for CTF competitions.
NowSecure announces the release of NowSecure Workstation 6.0. The turnkey hardware and software kit that empowers analysts to quickly conduct deep mobile application security assessments of Android and iOS apps and generate customized reports with actionable results users can trust. Traditional mobile app penetration testing can consume at least two weeks of manual effort and requires ample expertise and an abundance of open-source tools. NowSecure Workstation reduces testing time from weeks to mere hours, driving dramatic 10x productivity gains and scalability.
On a mission to save the world from unsafe mobile apps, NowSecure is excited to announce a new partnership with Cybrary to enable more people – anyone, anywhere – to upskill and deliver more secure mobile apps. The launch of Cybrary’s first mobile app security learning course marks a significant step towards closing the knowledge gap and building security into mobile apps by design. The best part? It’s free! Read on to get a synopsis of the course.
Recent enhancements to the Frida open-source dynamic instrumentation toolkit greatly ease the process of conducting jailed testing. You no longer have to manually package the Frida Gadget in your target app. As long as the app is debuggable, Frida does that for you. This post will walk you through the process of using Frida on a jailed device.
Many people have heard about mobile man-in-the-middle (MiTM) attacks but aren’t sure just exactly what they are or how they happen. Learn more including the development and security issues that can leave apps vulnerable to MiTM attacks, tips for testing and the layers of network defense that can help you avoid these issues.
Let’s say a mobile app pen test costs $5,000 in house or $15,000 to $25,000 to outsource. Did you know that an automated mobile app security testing tool costs $10,000 per app per year and can be used for unlimited testing of each and every build? For at least 30% less than the cost of a single penetration test, organizations can employ an automated testing platform that lets them test every build of a mobile app, every day of the year.