NowSecure & the OWASP MAS Project
NowSecure has partnered closely with the OWASP community since the start of the OWASP Mobile Application Security (MAS) Project, with OWASP MAS Project co-leader Carlos Holguera on staff guiding the many contributors.
Get A Demo
Dedicated to supporting the creation of mobile app security standards and delivering products and services that leverage OWASP specifications, NowSecure is the first recognized OWASP MAS Advocate and OWASP God Mode sponsor.
Get Standards-Based Testing with NowSecure & OWASP
Mobile AppSec teams trust the OWASP MASVS and MASTG to craft policies for architecting, building and testing mobile apps securely based on their relevant risk profile. NowSecure automated security testing and pen testing assessments map to the OWASP MASVS to help dev and sec teams achieve compliance with their Mobile AppSec policies.
A Partnership of Experts
NowSecure has more than 12 years of mobile app security experience and has supported the OWASP MAS project since its inception, collaborating on spec evolution and tooling while serving as an OWASP “god mode” sponsor for the OWASP MASVS. OWASP has recognized the “significant and consistent resources” NowSecure has dedicated to advancing the OWASP MAS project by awarding the highest status that companies can achieve, “OWASP MAS Advocate”.
Automated OWASP MASVS Coverage with NowSecure Platform
NowSecure Platform provides coverage for OWASP MASVS with highly accurate automated assessments and results that map directly to compliance requirements. With more than 600+ security and privacy tests and a battery of SAST, DAST, IAST, and APISec in every assessment, plus embedded developer remediation resources like sample code and developer documentation, finding and fixing OWASP MASVS issues can be done rapidly in any DevSecOps pipeline. Security teams can also take advantage of a clear and concise OWASP MASVS Compliance Report to understand if their app meets the requirements. NowSecure also supports the OWASP CycloneDX standard and NowSecure Platform generates a CycloneDX formatted dynamic Software Bill of Materials (SBOM) with each mobile app assessment.
Mobile App Pen Testing for for OWASP MASVS
The consultative approach of NowSecure Pen Testing as a Service means that every engagement starts with a threat model leveraging OWASP MASVS. Our team of expert mobile app pen testers provide full coverage for OWASP MASVS L1, L2, L1+R, and L2+R. All pen tests also include remediation assistance and a free retest to ensure that the issues found have been fixed. NowSecure PTaaS options combine continuous automated security testing and expert pen testing using OWASP MASVS at a frequency tuned to your requirements.
Free OWASP MAS Training
NowSecure Academy offers free, on-demand training on the OWASP MAS, MASVS, and MASTG. By sponsoring and frequently speaking at OWASP Global and Regional events, NowSecure provides community learning to drive adoption and helps organizations get an inside look at upcoming developments. With Carlos Holguera, one of the OWASP MAS Project co-leads, as a part of the NowSecure research team, NowSecure can provide an insider’s perspective of the standard’s evolution.
Testing for All Standards
NowSecure supports standards-based testing for a large number of standards including OWASP MASVS. Leveraging the OWASP MASVS, NowSecure and experts helped craft the ADA MASA standard for Android apps. NowSecure is an ADA Authorized Lab and IoXt Authorized Lab providing industry certifications. By using the NowSecure Platform Policy Engine, customers can customize for their relevant requirements or choose compliance standards such as the OWASP MASVS.