Mobile App Insecurity
February 11, 2013
By Jack Walsh

Not that long ago enterprise users did all of their computing work with PCs. Then, the small set of applications utilized each day was largely developed by a few, well-known vendors. Today’s mobile world is much different; there is a much larger set of less recognizable software developers who create mobile apps for enterprises.  

Not being software developers themselves, enterprises have for some time been passing development to third parties. Since then, many enterprises have had processes and tools in place to assess their custom-built PC apps.   

However, in terms of analyzing custom-built mobile apps, the analysis tools are largely insufficient. While some tool vendors have begun to look at mobile code, the focus is on code quality instead of functionality. This means that enterprises: 

  • Cannot determine if their apps violate internal or regulatory policies.
  • Do not know if their apps expose private customer, partner or internal data.
  • Do not know if their apps are vulnerable to attacks including man-in-the-middle and injection-type attacks – or worse – are themselves malicious. 

 

This inability to properly assess the safety of enterprise apps threatens a company’s brand reputation and its business. 

Testing security products since 1991, ICSA Labs has the solution. We have the tools, experience and competency to analyze your mobile apps.  Find out how we can help verify your apps are safe.  For more information contact Jack Walsh at 717.790.8126 or via email.

Comments

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.