Las Vegas, NV August 5, 2020—NowSecure, the leading mobile app security and privacy software company, announced today the release of NowSecure Workstation 6.0 at the Black Hat USA 2020 Virtual Conference. Purpose-built for mobile pen testers and security analysts, NowSecure Workstation 6.0 enables deep interactive testing of mobile apps with a significant performance boost in user experience, testing speed and coverage, and extensibility to rapidly integrate additional testing tools and scripts.
Traditional mobile app pen testing can consume two weeks or more of manual effort, requiring deep security expertise and a myriad of tools to probe mobile app risks then manually document the assessment from multiple sources. NowSecure Workstation combines interactive wizards, proven test automation and preset report generation to slash a two-week process into mere hours while simultaneously improving depth, breadth and consistency of test coverage.
“Mobile apps dominate digital user time spent, yet mobile app security testing has been notoriously slow and complicated, leaving mobile users and organizations at risk,” said NowSecure CEO Alan Snyder. “This major upgrade shows our ongoing commitment to help our customers and partners scale their mobile appsec testing programs. What’s more, NowSecure Workstation uniquely addresses the growing need to test complex IoT mobile apps for medical, automotive, industrial and consumer products.”
The NowSecure Workstation all-in-one toolkit combines a preconfigured laptop with mobile security testing software, an iOS device, an Android device and a Wi-Fi dongle. Within minutes, security analysts can load a mobile app binary on one of the devices, configure sensitive data and search terms, and start testing. Within a few hours, security analysts can complete the testing and generate a preformatted report assessment with findings, vulnerability descriptions, CVSS 3.0 scoring, remediation recommendations, and regulatory mappings such as PCI, CVE, CWE, NIAP, GDPR, FFIEC, FISMA, HIPAA and OWASP Mobile Top 10.
NowSecure Workstation 6 automates deep, full-coverage testing using a mix of proprietary best- in-class industry tooling, open-source tools such as Frida, Radare and r2Frida, and proven testing methodologies — all built on industry standards and more than a decade of experience pen testing tens of thousands of apps. Extended in version 6 to now include more than 200 built-in SAST/DAST/IAST tests, analysts are in full control to conduct wizard-driven and step-by-step interactive testing. Analysts can dig into individual units within those tests such as device memory or packet data, or interactively test multi-factor authentication, CAPTCHA, mobile apps with IoT, and USB/Bluetooth connected equipment. NowSecure Workstation 6 now includes advanced extensibility to plug in additional tools or use existing scripts that security analysts might prefer; and a more flexible architecture to deliver new Workstation features faster.
NowSecure Workstation is purpose-built to scale mobile app security team productivity. By reducing mobile appsec testing time from weeks to hours, NowSecure Workstation drives massive 10x productivity gains for security analysts and substantial capacity gains across security teams. NowSecure Workstation turns new-to-mobile security analysts into mobile app security experts overnight, and empowers veteran mobile security analysts to automate the mundane work and dig deeper into complex scenarios. Organizations that build and use mobile apps leverage NowSecure Workstation to enable their internal security teams with speed, consistency and depth to meet the needs of the business. Penetration testing companies and Managed Security Services Providers (MSSPs) leverage NowSecure Workstation to scale their security testing business cost efficiently.
NowSecure Workstation is part of the NowSecure Suite for mobile app security and mobile risk management solutions that includes NowSecure Platform for automated mobile DevSecOps testing and app store mobile app vetting, NowSecure Workstation kit for mobile pen testers, NowSecure Training Services for developer and security analyst skills advancement, and NowSecure Pen Testing Services for expert certification.
Learn more about the new NowSecure Workstation 6.0 release here.
NowSecure is the mobile app security and privacy software company trusted by hundreds of the world’s most demanding organizations and most advanced security teams. From mobile-powered digital transformation to mobile-first innovators, NowSecure protects millions of mobile app users across banking, insurance, high tech, IOT, retail, hospitality, transportation, energy and government sectors. NowSecure ensures confidence that your organization is protecting your mobile app users, customers, partners and employees.
Only NowSecure delivers fully automated mobile app security, API security and privacy testing software and services with speed, accuracy, and efficiency for enterprise-wide risk management, Agile and DevSecOps programs. Through automated continuous SAST/DAST/IAST/API Security Testing on real Android and iOS devices, NowSecure identifies the broadest array of security threats, compliance gaps and privacy risks. With more than a decade of mobile security expertise, NowSecure is SOC2 certified and was twice recognized as the worldwide leader in 2019 IDC MarketScape reports for Mobile Application Security Testing and named a DevSecOps Transformational leader by Gartner in 2020.