With the increase in mobile application usage and the growth of mobile payment solutions, organizations now must extend the corporate network to include the end user devices running mobile applications. As a result, organizations now face new types of security threats directly related to mobile application usage.
With mobile applications, security testing is critical to identify vulnerabilities and mitigate threats. Dara Security's Mobile Application Security Testing is a full-scope approach consisting of:
Mobile Application Penetration Test:
Our goal is to find flaws within the application that could provide access to sensitive information within the mobile application or that could allow an attack on other applications loaded on the same mobile device.
Mobile Application Source Code Review:
Our comprehensive review of the source code will help find vulnerabilities within the code and/or application design itself. Our all-inclusive approach includes manual code reviews, scripts and static analysis tools. We perform mobile app code reviews for Android, iOS and Windows platforms.
Our Mobile Device Attack & Penetration Assessment is an invasive look at the security of each mobile device connected to your network. We assess and evaluate your company's existing deployment of mobile devices and review any existing security controls and processes.
Mobile Devices are rapidly being adopted by enterprises large and small
Mobile Device Management (MDM) systems are usually never tested for security or configuration issues. The customer assumes the vendor has secured these systems
Mobile Device Attack & Penetration can be performed anytime during an MDM deployment
We simulate a lost device and/or theft scenario to determine if your company's mobile devices can be attacked, and if your corporate data can be compromised as a result. We attempt simplistic device attacks (such as passcode bypass) as well as more advanced attacks (such as "Rooting" or "Jailbreaking") to achieve complete device compromise. In addition, we can test any third-party MDM system that you may have implemented as well as policies pushed to the device, ensuring that mobile devices have been deployed securely to your end user base.
Dara Security's purpose is to help organizations identify security threats in their own mobile applications or supplier mobile applications. Our in-depth threat analysis and business logic security testing is ideal for mobile applications involving sensitive data typically handled within mobile banking, mobile commerce and payment, and mobile healthcare applications.