NowSecure helps our customers scale their mobile app sec by taking something that they do in weeks, we can do in days, hours or even with some of our products in minutes.
Katie Bochnowski, Vice President of Services
The way we can help a company scale is to have solutions built for different challenges. Workstation reduces the manual pen testing time down from two to three weeks down to just a couple of hours. From there if you need to scale even further, if you release builds every day, it may not be viable to even spend two or three hours a day doing a test on an app when there’s an update. You can then go to the next level and integrate the solution directly into your DevOps life cycle and literally spend no human time after configuration, if you’re doing builds repeatedly.
Switching gears from a mobile app risk standpoint, to apps your employees use or your organization partners use that are out on the App Store. We have an automated engine that points to the App Store, which assesses the risk of thousands and thousands of mobile apps without you having to do a thing — other than integrating those results back into whatever system or tracking system you use. When it comes to scalability, we have lots of options. Whether it’s apps you’ve built yourselves or apps you’re using internally.
Tony Ramizrez, Senior Application Security Analyst
Scaling is difficult. A lot of people don’t realize how difficult mobile is in terms of scaling because it’s so different than web. We talk to customers who are worried about vetting their third party apps or testing their first party apps. What’s great about Platform is you start off observing five of your apps, and you realize there’s more important apps in your organization you need to be monitoring. You end up upping the scale to like 50 apps over a year. And that’s common, that happens and it’s great to see because that’s part of your overall risk profile. A lot of people are starting to realize that they should be treating their mobile apps like they do their web apps and filtering and not allowing certain websites to be viewed.
Why wouldn’t you treat your mobile apps the same way? But on top of that, the mobile development cycle is super short. People are pushing out apps, developers are pushing out five builds a day (depending on your organization). Being able to test every version of that app and get through really rapidly is immensely powerful. Being able to remediate issues as early on in the development cycle is the ultimate cost saver. But also time-saver. Everybody can agree that there’s nothing more important than saving time, because that’s really the only commodity that you can’t get back.