Las Vegas, NV August 5, 2020—NowSecure, the leading mobile app security and privacy software company, announced today the release of NowSecure Workstation 6.0 at the Black Hat USA 2020 Virtual Conference. Purpose-built for mobile pen testers and security analysts, NowSecure Workstation 6.0 enables deep interactive testing of mobile apps with a significant performance boost in user experience, testing speed and coverage, and extensibility to rapidly integrate additional testing tools and scripts.
Traditional mobile app pen testing can consume two weeks or more of manual effort, requiring deep security expertise and a myriad of tools to probe mobile app risks then manually document the assessment from multiple sources. NowSecure Workstation combines interactive wizards, proven test automation and preset report generation to slash a two-week process into mere hours while simultaneously improving depth, breadth and consistency of test coverage.
“Mobile apps dominate digital user time spent, yet mobile app security testing has been notoriously slow and complicated, leaving mobile users and organizations at risk,” said NowSecure CEO Alan Snyder. “This major upgrade shows our ongoing commitment to help our customers and partners scale their mobile appsec testing programs. What’s more, NowSecure Workstation uniquely addresses the growing need to test complex IoT mobile apps for medical, automotive, industrial and consumer products.”
The NowSecure Workstation all-in-one toolkit combines a preconfigured laptop with mobile security testing software, an iOS device, an Android device and a Wi-Fi dongle. Within minutes, security analysts can load a mobile app binary on one of the devices, configure sensitive data and search terms, and start testing. Within a few hours, security analysts can complete the testing and generate a preformatted report assessment with findings, vulnerability descriptions, CVSS 3.0 scoring, remediation recommendations, and regulatory mappings such as PCI, CVE, CWE, NIAP, GDPR, FFIEC, FISMA, HIPAA and OWASP MASVS.
NowSecure Workstation 6 automates deep, full-coverage testing using a mix of proprietary best- in-class industry tooling, open-source tools such as Frida, Radare and r2Frida, and proven testing methodologies — all built on industry standards and more than a decade of experience pen testing tens of thousands of apps. Extended in version 6 to now include more than 200 built-in SAST/DAST/IAST tests, analysts are in full control to conduct wizard-driven and step-by-step interactive testing. Analysts can dig into individual units within those tests such as device memory or packet data, or interactively test multi-factor authentication, CAPTCHA, mobile apps with IoT, and USB/Bluetooth connected equipment. NowSecure Workstation 6 now includes advanced extensibility to plug in additional tools or use existing scripts that security analysts might prefer; and a more flexible architecture to deliver new Workstation features faster.
NowSecure Workstation is purpose-built to scale mobile app security team productivity. By reducing mobile appsec testing time from weeks to hours, NowSecure Workstation drives massive 10x productivity gains for security analysts and substantial capacity gains across security teams. NowSecure Workstation turns new-to-mobile security analysts into mobile app security experts overnight, and empowers veteran mobile security analysts to automate the mundane work and dig deeper into complex scenarios. Organizations that build and use mobile apps leverage NowSecure Workstation to enable their internal security teams with speed, consistency and depth to meet the needs of the organization. Penetration testing companies and Managed Security Services Providers (MSSPs) leverage NowSecure Workstation to scale their security testing organization cost efficiently.
NowSecure Workstation is part of the NowSecure Suite for mobile app security and mobile risk management solutions that includes NowSecure Platform for automated mobile DevSecOps testing and app store mobile app vetting, NowSecure Workstation kit for mobile pen testers, NowSecure Training Services for developer and security analyst skills advancement, and NowSecure Pen Testing Services for expert certification.
Learn more about the new NowSecure Workstation 6.0 release here.
As the recognized experts in mobile security and privacy, NowSecure protects the global mobile app economy and safeguards the data of millions of mobile app users. Built on a foundation of standards, NowSecure empowers the world’s most demanding organizations with security automation to release and monetize 30% faster, reduce testing and delivery costs by 30% and reduce appsec risk by 40%. Only NowSecure offers a full solution suite of continuous security testing for DevSecOps, mobile app supply-chain monitoring, expert mobile pen testing as a Service (PTaaS) and training courseware. NowSecure actively contributes and supports the mobile security open-source community, standards and certification including OWASP MASVS, ADA MASA, NIAP and is recognized by IDC, Gartner, Deloitte Fast 500, and TAG Cyber.