NOWSECURE PLATFORM UPDATE DELIVERS GROUNDBREAKING PRODUCTIVITY, PERFORMANCE, COVERAGE AND COST SAVINGS FOR MOBILE APPLICATION SECURITY

Latest version automates policy-driven security testing and dramatically expands mobile security assessment coverage for faster, higher-quality mobile app software delivery at lower cost.

NOWSECURE PLATFORM UPDATE DELIVERS GROUNDBREAKING PRODUCTIVITY, PERFORMANCE, COVERAGE AND COST SAVINGS FOR MOBILE APPLICATION SECURITY NOWSECURE PLATFORM UPDATE DELIVERS GROUNDBREAKING PRODUCTIVITY, PERFORMANCE, COVERAGE AND COST SAVINGS FOR MOBILE APPLICATION SECURITY Show More
magnifying glass icon
Andrew Hoog, CEO and Co-founder of NowSecure

Andrew Hoog

Founder

Andrew Hoog is a computer scientist, mobile forensics researcher, and Founder and Board Member of NowSecure. Hoog has one patent issued, and two pending, and is the author of two books on mobile forensics and security. When not breaking (or fixing) things, he enjoys great wine, science fiction, running and tinkering with geeky gadgets.

In case you missed it – Incident Response Playbook for Android and iOS at RSA Conference 2016

As many IT and security professionals know, dealing with a compromised mobile device is different than responding to a network- or computer-based security incident. Last week, NowSecure CEO and co-founder Andrew Hoog explained the differences and provided tips about how to prepare for and respond to a mobile security incident during two presentations of his talk, “The Incident Response Playbook for Android and iOS,” at RSA Conference 2016. NowSecure hosted an online, encore presentation of Hoog’s talk in March, and you can watch a recording of that webinar. Some examples of how mobile incident response differs from the traditional variety include:

  • Mobile devices are almost always powered on and connected to a network
  • The bring-your-own-device (BYOD) trend and dual-use of devices (for both organization and personal activities) can make investigations more difficult
  • App sandboxing complicates defending mobile endpoints from attack
  • Mobile incident response tools are completely different and, at this time, there aren’t many available

During his presentation, Hoog emphasized the importance of gathering historical device data, “The more historical data you have about the posture of a mobile device over time, the more effective your response will be in the future.” Hoog recommended that organizations begin preparing for a mobile incident by performing a mobile threat assessment, which starts with an inventory of mobile devices that interact with corporate assets. After an inventory is complete, an organization should take the following actions:

  • Survey available mobile security intelligence
  • Correlate it with their inventory
  • Address the mobile risks they’re capable of mitigating
  • Document remaining risks
  • Prepare playbooks for any risks or attack vectors they can’t remediate

If you’re interested in more details, download Hoog’s slides or watch a recording of the encore webinar presentation. You may also want to review the first three chapters of the book “Incident Response for Android and iOS,” which NowSecure recently published online for free.

https://www.youtube.com/watch?v=5oLYRW17u5w