Mobile Application Security

Mobile App Security and Privacy Analysis

By some estimates the worldwide mobile industry is well on its way to achieving 44 billion cumulative downloads of mobile apps by 2016. CISOs and security professionals are taking note of the increasing popularity of smartphones and tablets and the proliferation of customer-facing and corporate-oriented mobile apps. As these apps start to access sensitive data and transact business critical operations, questions about their inherent security and privacy posture need to be answered. While a mobile workforce stands to enhance productivity it should not come at the expense of security and privacy. Veracode’s Mobile App Security and Privacy Analysis service helps customers learn about the security risks and potential privacy violations of internally developed and third-party mobile applications.

• Gain visibility into security and privacy risks of mobile apps
• Assess internally developed and third-party mobile apps
• Leverage scale and cost advantage of automated solution
• Learn about expert advice on effective remediation and mitigation strategies

Supported Platforms

Veracode supports the following mobile platforms for static binary scanning: iOS, Android, Windows Mobile, BlackBerry

Mobile Security Issues: A Multi-tiered Challenge

Mobile applications may have several types of security risk: language inherent risk, based on common security flaws in the language; malicious data exfiltration, in which sensitive data is surreptitiously transmitted from the phone; and platform specific risk, based on specific vulnerabilities inherent in the mobile platform. Some examples of the types of language related and other flaws that Veracode’s automated service discovers for mobile apps are discussed below.