Mobile Application Review

Penetration test of mobile applications to identify misconfigurations or other vulnerabilities

A penetration test of mobile applications can help identify any misconfigurations or other vulnerabilities, giving the assurance that they will not be used to compromise the confidentiality or integrity of a company.

Meeting your business objectives

Mobile applications are defined as the software that runs on any mobile devices, such as smart phones, tablets, or similar devices. These applications are present and commonly used by companies to provide functionality to both clients and employees. Finding flaws in mobile applications can result in attackers compromising devices, sensitive customer or third-party information, to use the devices as gateways for accessing confidential internal corporate resources. It has become increasingly important to ensure applications are coded in an efficient manner, in order to mitigate potential vulnerabilities.  

Protection target: Data

Data

Protection target: Devices

Devices

Protection target: Network

Network

Protection target: Applications

Applications

Protection target: Cloud

Cloud

Service capabilities

01
Code Inspection: This is a static analysis of the mobile applications themselves, decompiling them so that the source code can be examined.
02
Application Assessment: The application will be installed on a testing device to assess whether the application securely stores any sensitive data such as configurations, and also using debuggers and instrumentation frameworks to alter the intended functionality of the application in order to bypass protections.
03
Traffic Inspection: All traffic the application makes to any servers will be inspected and assessed to ensure that secure protocols are being used. In addition, the servers will be subject to infrastructure and web application assessments to provide assurance around their security posture.
04
Mobile Device Management Assessment: When applicable, any MDM solution installed on the device will also be assessed, both the MDM configuration and the MDM application itself.
05
Vulnerability and extended manual testing will explicitly identify where security holes lie and remove false positives. When applicable, other methods will be utilised.
06
Any security issues identified will be highlighted, with recommendations made to ensure all risks are minimised.
07
Any high-risk issues, or ones that could be exploited, will be reported immediately as they could pose an imminent threat, were they to be discovered by an attacker.

Why Exponential-e?

Assess and test the application and all associated resources within the scope.

Any security issues identified will be highlighted, with recommendations made to ensure all risks are minimised.

Any high-risk issues, or ones that could be exploited, will be reported immediately as they could pose an imminent threat, were they to be discovered by an attacker.

Image

Diary of a Data Spill

Download our report:
01
How vulnerable you are: You’ll learn how a CIO can open his business up to untold damage simply by logging into a conference centre’s free WiFi.
02
How unprepared you are: Read in detail as to the missteps a typical business makes in failing to stop malware in its tracks.
03
How much it could cost you: You’ll read about a nightmare scenario for any business. Reputational and financial damage on a staggering scale; damage that can be avoided.

Read our latest security blogs

Technology is omnipresent in young people's lives and is opening up new channels of learning across the education sector, with pupils, students and staff utilising Cloud and video calling platforms bo...
No matter how sure you are that your network is secure, you may still be at risk of cyberattacks. It's no exaggeration Cybercriminals are constantly working to stay one step ahead of organisations and...
It's well-established that security is an essential part of all infrastructure. With data protection more of a concern for customers and end users than ever - particularly in light of regulations like...

Our Customers

Talk to one of our specialists

Fill out the form and we'll get back to you as soon as possible.

If you are looking for technical support, please contact our Support team on: 0845 230 6001

 

Talk to one of our specialists

Fill out the form and we'll get back to you as soon as possible.

If you are looking for technical support please contact our Support team on: 0845 230 6001

100% Privacy Guaranteed. Click here for our privacy policy.

100% Privacy Guaranteed. Click here for our privacy policy.

*Calls to 0845 numbers will cost 7p p/m plus your phone company’s access charge.
All inbound and outbound calls may be recorded for training or quality purposes.

Click here to find out more about all of Exponential-e's accreditations.

© 2020 Exponential-e Ltd. Reg. No. 04499567, Reg. Address:100 Leman Street, London E1 8EU