NOWSECURE UNVEILS FIRST AUTOMATED OWASP MASVS V2.1 MOBILE APP SECURITY AND NEW PRIVACY TESTING

NowSecure MARI is the industry’s first simple risk score based on millions of assessments that identifies third-party apps vulnerable to PII and IP exfiltration, supply-chain and MiTM attacks and sensitive data theft.

MARI Datasheet featured image 768X480
NowSecure Launches Mobile App Risk Intelligence Solution to Combat Threats to Customer and Employee Security, Safety and Privacy NowSecure Launches Mobile App Risk Intelligence Solution to Combat Threats to Customer and Employee Security, Safety and Privacy Show More
magnifying glass icon

NowSecure Launches Mobile Pen Testing-as-a-Service (PTaaS) to Scale Security More Efficiently

Contact: NowSecure

Tel: (202) 240-7611

Email: [email protected]

For Immediate Release

December 06, 2022 - 9:55 am

 

The cloud-based solution and consultative service delivers continuous automated, expert manual and compliance testing optimized for less than the cost of a single outsourced pen test

 

CHICAGO – December 6, 2022NowSecure, the leading standards-based mobile app security and privacy software company, today launched its latest offering, NowSecure Mobile Pen Testing as a Service (PTaaS), to bridge the gap between automated and manual mobile security assessments for continuous security. Designed to provide mobile developers and security teams with a more cost-effective, efficient pen testing solution, NowSecure PTaaS combines periodic expert manual assessments with automated continuous testing to optimize for full coverage at a higher frequency rate. With this combination, the all-in-one portal and service can quickly identify issues earlier in the developer pipeline and provide consultative guidance to rapidly remediate security issues and speed deployment of high-quality software into production. 

As organizations grapple with recession-tightening budgets in conjunction with a heightened threat of mobile cyber attacks, there is an industry need for a cost-efficient, higher-frequency, higher coverage mobile AppSec testing solution. According to the 5th Annual Penetration Risk Report from Coalfire and NowSecure, 99% of mobile applications have security or privacy risks. By integrating NowSecure Mobile PTaaS, CISOs and security leaders can streamline their pen testing budget while prioritizing continuous, full coverage security testing. Built on over 12 years of mobile application security experience and tens of thousands of pen tests performed, the NowSecure Mobile PTaaS cloud-based platform offers a depth of automated continuous and manual assessments, including: 

  • Periodic expert pen testing based on specific need and schedule 
  • On-demand and continuous security testing integrated into CI/CD & dev toolchain
  • Automatic generation of tickets that include embedded remediation resources
  • Remediation consulting with an expert pen tester
  • Optional industry standard(s) validations and certifications
  • All-in-one SAST, DAST, IAST, APISec, and SBOM
  • Easy to use, dedicated SaaS platform

 

“Mobile apps are critically important to business because they generate revenue and connect with customers. The ongoing financial and market pressures are forcing companies to find ways to reduce costs without sacrificing speed or security,” said NowSecure CEO Alan Snyder. “NowSecure Mobile PTaaS helps to solve these challenges through continuous automated and periodic manual security testing for the depth of coverage needed to ensure a safe, secure mobile app as they are built — all for less than the cost of a single outsourced pen test.”

NowSecure Mobile PTaaS provides maximum value to developer and security team budgets, offering on-demand and scheduled pen testing when needed and automated continuous testing for DevSecOps pipelines that align with any risk and security policy. NowSecure PTaaS starts at $18,000 per mobile app binary per year for unlimited automated continuous security testing and four rapid pen tests. NowSecure PTaaS offers a flexible mix of four pen test options (rapid, targeted, full scope and OWASP MASVS verification), wide choice of pen testing frequency and four continuous automated security testing options to meet any need efficiently and effectively.

To streamline the remediation process and speed shipping quality software, all manual and automated assessments include embedded developer remediation resources with issue details, evidence, repair instructions, code samples and links to documentation. In addition, NowSecure expert pen testers partner with security and dev teams to consult on remediation. After vulnerabilities have been remediated, retesting automation and services are included to confirm mitigation and reinforce confidence that the mobile app is safe, secure and ready for production deployment.

Customers can additionally customize their packages to include more frequent testing options and opt to add on compliance-based assessments for a nominal fee to ensure their application meets the highest industry-set standards. Through the NowSecure Platform portal, customers can receive standards-based assessments across validations for OWASP MASVS, ADA MASA for Google Play™, ioXt Compliance Testing and NIAP Compliance Vetting 

Nowsecure is an ADA Authorized Lab, an ioXt Alliance Authorized Lab for IoT-connected and VPN-connected mobile apps, and OWASP MASTG Advocate. NowSecure is proud to be the only pen testing provider to perform OWASP MASVS pen testing for full MASVS L1, L2, L1+R, & L2+R. 

“Application development and security teams strive to deliver secure software quickly to market, balancing speed and managing risk,” said Michelle Abraham, Research Director, Security and Trust at IDC. “To tackle the pen testing challenges of cost, frequency and coverage, we are seeing a growing trend towards Pen Testing as a Service. PTaaS solutions offer a mix of continuous automated security testing and deeper manual pen testing to bring together the best of both worlds.”

NowSecure Mobile PTaaS joins the industry’s only full suite of mobile app security solutions from NowSecure including NowSecure Platform for automated security testing, NowSecure Workstation kit for pen tester productivity, NowSecure Supply Chain Risk Management, NowSecure Pen Testing Services, and NowSecure Academy training courseware for dev and security teams. Built on a foundation of standards and automation, NowSecure empowers organizations to deliver the most secure mobile apps faster and continuously monitor their mobile app supply chains for risk at a lower cost. Top mobile innovators trust NowSecure to safeguard their mobile apps including AT&T, Caribou Coffee, Chime, iRobot and Uber.

You can learn more about the value of NowSecure Pen Testing and features of NowSecure Mobile PTaaS by signing up for a personal consultation HERE.

About NowSecure

Mobile apps define an enterprise’s digital presence and drive engagement with both employees and customers. However, the rapid pace of mobile innovation introduces security, safety and privacy risks that traditional risk management technologies often miss. By partnering with NowSecure to build a Mobile Applications Risk Management (MARM) program, organizations are better protected against the risks that plague the largely insecure mobile app ecosystem. NowSecure provides policy-driven progressive testing tailored to risk tiers, combining automated continuous assessments with expert Pen Testing as a Service (PTaaS) to pinpoint and remediate security, safety, and privacy issues. This approach shrinks the mobile app attack surface and accelerates app releases. Built on a foundation of industry standards by mobile security experts, NowSecure safeguards many of the world’s leading brands and their employees, partners and customers.

Posted by