Just as quickly as mobile devices and mobile applications have become a part of daily life, so too have security breaches and attacks increased in frequency.

Two major causes of this are:

  1. The increased time pressures that app developers face to provide new functionalities and bring the apps to market;
  2. Mobile apps are becoming more powerful allowing users to make payments and handle banking from their mobile devices.

All these reasons make frequent mobile application penetration testing crucial in order to protect the reputation of your app and your business. Our team of security experts will help you uncover vulnerabilities via penetration testing, so you can secure them.

Delivery Methods

Our security testing services can be provided via two methods that can be mixed and matched to create an overall testing solution that fits your needs perfectly. For instance, you might require a project-based mobile application penetration test (delivered locally) and vulnerability scan (conducted remotely). 

Project-based

Projects are fixed scope engagements of a predetermined time frame. Projects can be delivered locally at your office alongside your team or carried out remotely from our offices in Amsterdam or Kiev.

Contract-based

Contracting is a method of rolling engagement where a tester is contracted to join your organisation to deliver the required testing. Contract-based work can only be delivered locally, typically from within your team.

Process

Benefits

We use a methodology that consists of the following phases:

  1. Identifying weaknesses in the local data storage mechanism, and instances of side-channel data leakage;
  2. Identifying weak server-side controls; where we investigate the authentication and authorisation measures with regard to the back-end services used;
  3. Identifying weaknesses in the transport layer; where we investigate the possibility of conducting man-in-the-middle (MitM) attacks, and other SSL/TLS attacks;
  4. Identifying issues in the code quality; where we attempt to reverse engineer the application and uncover issues such as hard-coded secrets, development flags, weak cryptography, Vulnerable 3rd party libraries, and insufficient code obfuscation.
  • Being able to assess the strength of your mobile application against known and potential threats through simulated attacks;
  • Protecting your organization’s information assets, and maintaining your market reputation;
  • Increasing the confidence of users in your application’s security posture;
  • Helping to mitigate organisation from customer data breaches..

Contact Us

For more information about how penetration testing can help you secure your applications and networks, contact us using the contact form below or call Baruch Annink at +31 (0) 646 955 406.

top