Mobile application security tests conducted by the experts at Positive Technologies provide you with an independent assessment of the level of security of your mobile applications. Our experts have extensive experience in mobile application security and a track record of over a decade in protecting networks of leading banks, global telecommunications providers, and industrial conglomerates.
Our mobile application security tests include:
Security Analysis of Client-Side Applications—using techniques and tools of our own design as well as the methodologies of recognized international organizations such as the Web Application Security Consortium (WASC) and the Open Web Application Security Project (OWASP). This assessment includes:
- Automated examination of mobile applications
- Manual search for vulnerabilities by Positive Technologies expertss
- Systematic search for attack vectors that could successfully exploit identified vulnerabilitie
- Analysis to determine the probability of fraudulent transactions
Compliance Audit of Server-Side Applications—monitoring for compliance with industry security standards and industry best practices.
For both server- and client-side applications, Positive Technologies carries out both gray-box security assessments (which simulate an attack by someone with user access to the application) and white-box security assessments (which include analysis of the source code and architecture of the application). While white-box testing is more time-consuming, it usually detects many more vulnerabilities.
The key deliverable from our testing includes a report detailing:
- A full list of vulnerabilities found (or evidence showing their absence)
- Sample code demonstrating how identified vulnerabilities could be exploited
- Recommendations on neutralizing identified vulnerabilities and reducing exposure
- Advice on configuration and equipment settings to improve security
- Suggestions on critical software updates and additional security measures