NOWSECURE CONNECT 2022 CONFERENCE - REGISTER TODAY!

NowSecure Connect — THE mobile AppSec + AppDev community online event — returns with new content and the latest training. Join the world’s brightest innovators, practitioners, community leaders, and industry influencers LIVE online for in-depth training, discussions, strategy sessions, CTF and more. Gain access to keynotes, exclusive breakouts, expert panels, on-demand sessions, plus an interactive peer-to-peer community. #NSConnect22 is your source for cutting-edge mobile AppDev, mobile AppSec and mobile DevSecOps insight. Register your crew today!

NOWSECURE CONNECT 2022 CONFERENCE - REGISTER TODAY! NOWSECURE CONNECT 2022 CONFERENCE - REGISTER TODAY! Show More
magnifying glass icon

NowSecure Announces New Pen Testing Service and Software for OWASP MASVS Compliance

Contact: Hannah LaCorte

Tel: (202) 240-7611

Email: [email protected]

For Immediate Release

March 22, 2022 - 3:00 pm

Expert pen testing team now delivers comprehensive test coverage of the recognized industry standard OWASP MASVS (Mobile Application Security Verification Standard)

CHICAGO – March 23, 2022 — NowSecure, the leading standards-based mobile app security and privacy software company, today announced the world’s most comprehensive mobile app pen testing service for the OWASP Mobile Application Security Verification Standard (MASVS) and the addition of automated MASVS testing to NowSecure Platform. Now mobile organizations, mobile app developers and security teams can turn to NowSecure experts for the gold standard of mobile app testing to ensure proper compliance with the OWASP MASVS.

Mobile apps drive the global economy and 200 billion downloaded mobile apps generated over $170 billion in revenue in 2021. With more than 70% of all digital time spent in mobile apps vs. web apps, mobile is the preferred interface for customers and employees alike. But attacks and breaches also grew alarmingly in the past year with Amazon Ring, Apple iMessage, Park Mobile, Slack and U.S. Customs and Border Protection all experiencing major mobile app security incidents. Overall 85% of tested apps have security vulnerabilities and 70% leak private data as shown in the NowSecure MobileRiskTracker™. Organizations need to be vigilant about building security into their mobile apps and testing rigorously to ensure safety.

Launched in 2013, the OWASP mobile project has driven standards-based security requirements and testing strategies for nearly a decade. Used by mobile app developers, architects, security teams and security researchers, the OWASP mobile project combines three critical resources last updated in January 2022 to provide the best risk reduction approach for mobile app teams:

  • OWASP Mobile Application Security Verification Standard (MASVS) establishes a baseline of security requirements for mobile apps
  • OWASP Mobile Security Testing Guide (MSTG) outlines how to test the MASVS requirements
  • OWASP Mobile App Security Checklist tracks security assessment tasks

NowSecure has contributed to the OWASP mobile project since its inception with NowSecure practitioners collaborating on spec evolution and tooling while the company serves as an OWASP “god mode” sponsor for the OWASP MASVS

“The OWASP MASVS and MSTG are the foundation of a mobile appsec program,” said Carlos Holguera, OWASP project lead and NowSecure Security Researcher. “The MASVS guides developers and security analysts on architecture, threat modeling and proper techniques to secure mobile data. The MSTG has hundreds of tests you should perform and there are many nuances and edge cases to consider. Without the right expertise it can be tough to effectively achieve full MASVS compliance. The MSTG encourages the use of automated tools to leverage static and dynamic analysis but also emphasizes that having security professionals you can trust is essential.”

Over the past decade, NowSecure Services has performed more than 10,000 mobile app pen tests across a broad variety of mobile apps and  industries. NowSecure offers a full slate of pen testing services including rapid, targeted, full-scope and certifications. NowSecure offers services and software for ioXt certification for IoT-connected mobile apps as an authorized ioXt certification lab and National Information Assurance Partnership (NIAP) compliance for the mobile app protection profile. Today NowSecure adds OWASP MASVS pen testing services to the list of available expert-led certifications. Built up over years of experience, NowSecure pen testing services follow a rigorous methodology partnering with mobile app development and security teams including assessment kickoff, customer policy review, industry compliance review, threat modeling, comprehensive app analysis, customized reporting, results walkthrough, remediation collaboration and retest to confirm validated remediation.

“NowSecure is the recognized expert for standards-based testing software and services, partnering with organizations to safeguard trust in their mobile app initiatives,” said NowSecure CEO Alan Snyder. “As an OWASP contributor and sponsor for years, we are committed to the evolution of the specifications. Today we are adding these products and services to help customers ensure the security and privacy of their mobile apps leveraging the gold standard of OWASP MASVS.”

With this announcement, NowSecure Platform has also added MASVS mappings to all relevant findings so that customers can leverage automation for their MASVS testing needs.

NowSecure Platform provides cloud-based automated mobile app security testing for on-demand and DevSecOps continuous testing scenarios. NowSecure Platform delivers a battery of more than 600 automated mobile app tests for comprehensive coverage of mobile security and privacy. NowSecure Platform enables organizations to build and deploy mobile apps faster with the confidence that security and privacy are built in.

NowSecure Pen Testing Service for OWASP MASVS and NowSecure Platform with OWASP MASVS testing are components of the industry’s only full suite of mobile appsec solutions from NowSecure, including:

Learn more about NowSecure Pen Testing for OWASP MASVS Compliance here.

About NowSecure

As the standards-based mobile app security and privacy company, NowSecure protects the Mobile App Economy. The world’s most demanding organizations, innovative mobile developers and advanced security teams entrust NowSecure to safeguard millions of mobile app users across banking, insurance, high tech, IoT, retail, hospitality, energy and government sectors. Only NowSecure delivers the full solution suite of continuous security testing for DevSecOps, mobile app supply-chain monitoring, expert mobile pen testing and training courseware with the depth, speed, accuracy, and efficiency to meet modern organization demands. Dedicated to the open-source community and standards including OWASP, ioXt and NIAP, NowSecure is SOC 2 certified and recognized by IDC, Gartner, Deloitte Fast 500, and TAG Cyber. www.nowsecure.com

Posted by
Brian Reed NowSecure CMO

Brian Reed

CMO
As NowSecure Chief Mobility Officer, Brian Reed brings decades of experience in mobile, apps, security, dev and operations management including NowSecure, Good Technology, BlackBerry, ZeroFOX, BoxTone, MicroFocus and INTERSOLV working with Fortune 2000 global customers, mobile trailblazers and government agencies. At NowSecure, Brian drives the overall go-to-market strategy, solutions portfolio, marketing programs and industry ecosystem. With more than 25 years building innovative products and transforming organizations, Brian has a proven track record in early and mid-stage companies across multiple technology markets and regions. As a noted speaker and thought leader, Brian is a dynamic speaker and compelling storyteller who brings unique insights and global experience. Brian is a graduate of Duke University.