NowSecure Launches Continuous Mobile App Security Vetting for Millions of Apple App Store and Google Play Store Apps
Building on the proven NowSecure mobile app security testing platform, NowSecure Intelligence automates the identification of security threats, compliance gaps, and privacy issues in third-party apps used throughout the enterprise.
For Immediate Release
July 18, 2017 - 8:05 amNowSecure® today announced NowSecure Intelligence™, a cloud SaaS solution that continuously monitors the security status of mobile apps published on the Apple® App Store® and the Google Play™ store. NowSecure Intelligence is part of the NowSecure mobile app security testing platform and provides deep security visibility into all mobile apps used within the enterprise and consumer apps on employee-owned devices that could threaten enterprise security. Interested parties can request a demonstration of NowSecure Intelligence at Black Hat USA 2017 or apply for early access by visiting https://www.nowsecure.com/solutions/mobile-app-vetting/.
Keeping up with the rapidly expanding mobile app attack surface is a challenge for global 2000 enterprises and government agencies. In the Department of Homeland Security’s April 2017 “Study on Mobile Device Security,” the agency stated that organizations need visibility into mobile apps that gather privacy-sensitive information, exploit vulnerabilities, or access enterprise networks and data. NowSecure Intelligence addresses that challenge by automatically and continuously performing security assessments of published iOS and Android™ apps so that security teams can make informed decisions about approving those apps, and subsequent updates, for corporate use.
“Our automated app testing framework and unmatched dynamic analysis capabilities for iOS and Android apps set NowSecure Intelligence apart from first-generation mobile app vetting products currently in the marketplace,” said NowSecure CTO David Weinstein. “NowSecure Intelligence uniquely combines static and dynamic analysis to identify critical risks such as sensitive data in transit, network traffic destinations, code flaws, forensic data, and third-party components. The data feed also becomes a reference point to track app and developer changes over time.”
Security and mobility teams looking to plug the NowSecure Intelligence data feed into existing systems—such as risk monitoring dashboards, enterprise mobility management (EMM) software, and other tools—can leverage open APIs.
“This critical addition of NowSecure Intelligence enables NowSecure to provide continuous, automated app analysis for every single mobile app that touches a client’s infrastructure,” said NowSecure CEO Alan Snyder. “NowSecure Lab Automated automates security analysis of custom-developed apps and NowSecure Lab Workstation enables security analysts to perform their own deep-dive analysis on any app whether it be commercial, internally developed, or outsourced. NowSecure is the only solution that delivers complete testing coverage for all mobile apps.”
NowSecure Intelligence continuously downloads and performs static and dynamic analysis of new apps and updates published to the official app stores. NowSecure takes a unique approach to dynamic analysis by installing a target app on a physical Android or iOS device, as opposed to an emulator. The method includes logging into the app and exercising it as a user would, which results in deeper analysis, more accurate results, and more thorough inspection of third-party libraries, app components, and server connections.
NowSecure Intelligence makes it easy to diagnose and prioritize mobile app security risks based on a risk score developed by the renowned NowSecure research team. Risk findings also map to trusted industry standards such as: Common Vulnerability Scoring System (CVSS), Common Weakness Enumeration (CWE™), National Information Assurance Partnership (NIAP) mobile app vetting requirements, and Open Web Application Security Project (OWASP) Top 10 mobile risks.
To learn more about how NowSecure Intelligence can help your organization reduce mobile app risk and ensure compliance with regulations and corporate policy, visit booth #1759 at Black Hat USA 2017 on July 26 and 27 in Las Vegas or visit https://www.nowsecure.com/solutions/mobile-app-vetting/.
About NowSecure
Mobile apps define an enterprise’s digital presence and drive engagement with both employees and customers. However, the rapid pace of mobile innovation introduces security, safety and privacy risks that traditional risk management technologies often miss. By partnering with NowSecure to build a Mobile Applications Risk Management (MARM) program, organizations are better protected against the risks that plague the largely insecure mobile app ecosystem. NowSecure provides policy-driven progressive testing tailored to risk tiers, combining automated continuous assessments with expert Pen Testing as a Service (PTaaS) to pinpoint and remediate security, safety, and privacy issues. This approach shrinks the mobile app attack surface and accelerates app releases. Built on a foundation of industry standards by mobile security experts, NowSecure safeguards many of the world’s leading brands and their employees, partners and customers.