NowSecure® today announced NowSecure Intelligence™, a cloud SaaS solution that continuously monitors the security status of mobile apps published on the Apple® App Store® and the Google Play™ store. NowSecure Intelligence is part of the NowSecure mobile app security testing platform and provides deep security visibility into all mobile apps used within the enterprise and consumer apps on employee-owned devices that could threaten enterprise security. Interested parties can request a demonstration of NowSecure Intelligence at Black Hat USA 2017 or apply for early access by visiting https://www.nowsecure.com/solutions/mobile-app-vetting/.
Keeping up with the rapidly expanding mobile app attack surface is a challenge for global 2000 enterprises and government agencies. In the Department of Homeland Security’s April 2017 “Study on Mobile Device Security,” the agency stated that organizations need visibility into mobile apps that gather privacy-sensitive information, exploit vulnerabilities, or access enterprise networks and data. NowSecure Intelligence addresses that challenge by automatically and continuously performing security assessments of published iOS and Android™ apps so that security teams can make informed decisions about approving those apps, and subsequent updates, for corporate use.
“Our automated app testing framework and unmatched dynamic analysis capabilities for iOS and Android apps set NowSecure Intelligence apart from first-generation mobile app vetting products currently in the marketplace,” said NowSecure CTO David Weinstein. “NowSecure Intelligence uniquely combines static and dynamic analysis to identify critical risks such as sensitive data in transit, network traffic destinations, code flaws, forensic data, and third-party components. The data feed also becomes a reference point to track app and developer changes over time.”
Security and mobility teams looking to plug the NowSecure Intelligence data feed into existing systems—such as risk monitoring dashboards, enterprise mobility management (EMM) software, and other tools—can leverage open APIs.
“This critical addition of NowSecure Intelligence enables NowSecure to provide continuous, automated app analysis for every single mobile app that touches a client’s infrastructure,” said NowSecure CEO Alan Snyder. “NowSecure Lab Automated automates security analysis of custom-developed apps and NowSecure Lab Workstation enables security analysts to perform their own deep-dive analysis on any app whether it be commercial, internally developed, or outsourced. NowSecure is the only solution that delivers complete testing coverage for all mobile apps.”
NowSecure Intelligence continuously downloads and performs static and dynamic analysis of new apps and updates published to the official app stores. NowSecure takes a unique approach to dynamic analysis by installing a target app on a physical Android or iOS device, as opposed to an emulator. The method includes logging into the app and exercising it as a user would, which results in deeper analysis, more accurate results, and more thorough inspection of third-party libraries, app components, and server connections.
NowSecure Intelligence makes it easy to diagnose and prioritize mobile app security risks based on a risk score developed by the renowned NowSecure research team. Risk findings also map to trusted industry standards such as: Common Vulnerability Scoring System (CVSS), Common Weakness Enumeration (CWE™), National Information Assurance Partnership (NIAP) mobile app vetting requirements, and Open Web Application Security Project (OWASP) Top 10 mobile risks.
To learn more about how NowSecure Intelligence can help your organization reduce mobile app risk and ensure compliance with regulations and corporate policy, visit booth #1759 at Black Hat USA 2017 on July 26 and 27 in Las Vegas or visit https://www.nowsecure.com/solutions/mobile-app-vetting/.
NowSecure is the mobile app security software company trusted by hundreds of the world’s most demanding organizations and most advanced security teams. Only the NowSecure Platform delivers fully automated 360-degree coverage of mobile app security testing with the speed, accuracy, and efficiency the modern enterprise requires. Through the industry’s deepest and most advanced static, dynamic, behavioral and interactive mobile app security testing on real-world Android and iOS devices, NowSecure identifies the broadest array of security threats, compliance gaps and privacy issues in custom-developed, commercial, and business-critical mobile apps. With the world’s most comprehensive suite of mobile app security testing solutions for Agile and DevSecOps environments, NowSecure customers can choose automated software on-premises or in the cloud, expert professional penetration testing and managed services, or a combination of all as needed. More enterprises and government agencies trust NowSecure as the fastest path to deeper mobile app security testing and certification than any other provider. For more information about NowSecure, visit https://www.nowsecure.com.