NowSecure Launches GovAppDB™ and Threat Assessment Service to Support New Federal Mandates for Mobile Security and Privacy

The solution suite enables agencies to quickly access security threat reports, vulnerability information and SBOMs for commercial mobile app supply chain to support federal tracking and reporting mandates from EO, CISA OMB and DoD

NowSecure Launches GovAppDB™ and Threat Assessment Service to Support New Federal Mandates for Mobile Security and Privacy NowSecure Launches GovAppDB™ and Threat Assessment Service to Support New Federal Mandates for Mobile Security and Privacy Show More
magnifying glass icon

Mobile Forensics with Katie Bochnowski | NowSecure VP of Customer Success & Services

Katie Bochnowski is the Vice President of Services for NowSecure, and she has been with the company since 2010.

How did you get started with mobile forensics?

Back in undergrad at Purdue, it was my final semester getting ready to graduate and get done with school and one of the electives was a mobile forensics course. I thought it sounded fun, took it and got to work closely with local law enforcement on investigations and things that related to mobile devices in that way. So fast forward from there, that’s how my interest first got started.

How does NowSecure Help Customers?

NowSecure works with our customers and prospects to help secure their mobile app environment or mobile device environment. The end goal is, of course, to make the apps safe and secure for end-users to use, whether it’s mobile banking or healthcare or really anything that handles someone’s personal information, we want to make sure that that app is safe and secure on those devices.

How do great people power our pen testing?

I’m a bit biased, but we have the best pen testers as it relates to mobile. When we recruit, we look for very specific types of skills in a security analyst that we know are required to pentest mobile apps specifically. There is some overlap between the type of pen testing done for web apps, for example. But a lot of the qualities that we look for are things like reverse engineering, forensic analysis. If you really understand the mobile ecosystem and know how to pull data off of those devices, that’s a good groundwork to lay before you build on top of that for the other skills.

Our team consists of analysts that have specialties in each of those different areas that covered the entire mobile attack surface. And that’s why our team stands out above others: because we built-out that team so they’re well-rounded and have each of those unique capabilities.

How are NowSecure products differentiated?

We did what others thought was too hard to do, and we stuck with it because we knew in the long run, it would be worth it. What I mean by that is there’s a lot of tools out there do static analysis or just do network analysis or just do mobile forensics, but what we know is important to do in order to really secure a mobile app, we know that it’s important to cover that entire mobile app attack surface.

I remember back when we were talking about trying to automate some of this, I remember thinking, “We can’t automate this. There’s no way you can automate dynamic analysis, that’s what a security analyst is for, that’s what a human being is for.” And to a certain extent, that’s always going to be true. However, we were able to automate things that I never thought would be possible — due to our smart guys on the research team and really the whole company kind of pitching in and putting their minds together and building something.

Why is NowSecure a great place to work?

NowSecure is a great place to work for a few different ways. One, I can tell you that I feel like I’ve had seven or eight different jobs over the course of the almost 10 years that I’ve been here, because you’re never doing the same thing. Things are always progressing. Starting off doing peer services, pen testing and growing into more cross-functional roles is something that we see our employees do.

Check out our careers page.