NowSecure Lab

Mobile App Security Assessments

Leading developers and security analysts worldwide count on NowSecure Labâ„¢ mobile app security assessment tools, available both on-premises and in the cloud, as a comprehensive solution for mobile app security.

Cloud-based App Testing

NowSecure Lab allows you to conveniently perform fully-automated, cloud-based static analysis in minutes. It features detailed reports, industry-standard mitigation recommendations and compatibility with leading continuous integration frameworks. The premium edition offers unlimited tests and a full range of features while the free edition offers limited features and tests.

Sign Up for Free

Advanced On-Premises Solution

NowSecure Lab is available for unlimited, on-premises testing with provisioned mobile devices (iOS and Android) and an advanced software suite. Static, dynamic and behavioral mobile analysis tools are pre-installed. This on-premises solution allows full control of the testing conditions and enables the analyst to automate most of the security assessments.

Schedule a Demo

Streamline your testing process

NowSecure Lab is designed to test for security and privacy issues in owned and third party apps across the Secure Software Development Lifecycle. NowSecure Lab allows you to streamline app testing during development to preemptively eliminate risk before it affects your business or your customers, and also test for issues in apps already in the market. A security analyst can quickly access and run automated tests with the latest mobile analysis tools, including NowSecure Lab's continuous integration plugins, to customize and generate reports. The ability to control testing conditions both on-premises and in the cloud, run unlimited tests and get automated results in minutes are key benefits of NowSecure Lab.


Repeatable process

Test custom and third-party applications

Unlimited mobile application tests

Detailed, customized reporting

Recommendations for vulnerability remediations

Constant enhancements and updates

Areas of Analysis

  • Authentication

  • SSL enforcement
  • Password strength and complexity
  • Insecure credential transmission
  • TouchID bypass check
  • Network & Web Traffic

  • Insecure data transmission
  • Man-in-the-middle attack
  • SSLStrip Attack
  • Server Port and SSL Scans
  • Proxy data interception
  • Forensic Data

  • App data profiling
  • File system permissions
  • Insecure credential storage
  • Insecure app data storage
  • App Memory (RAM) analysis
  • Log file leaks
  • Advanced artifact viewer
  • Keychain analysis (iOS)
  • App Coding & Reversing

  • Code decompilation
  • Code obfuscation/encryption
  • Compilation insecure flags
  • App certificate
  • Application permissions and activities
  • SQL injection/path traversal
  • Reverse engineering shells