Keep your users safe with TrustedSec’s Mobile Security Assessment
Your customers and employees rely on your secure mobile applications—we will help you keep it that way.
Mobile Security Assessments are critical in today’s technology environment. Increasingly, an organization’s primary customer interaction conduit runs through mobile applications, and users and organizations alike are relying on mobile devices for authentication, storage of personal information, and commerce. The growing importance of mobile devices and applications demands a similarly increased focus on security.
During a Mobile Security Assessment, TrustedSec will craft our tests and analysis to best meet the objectives of your organization with a custom scope, including back-end services and the specific technical testing requirements of the application. TrustedSec always evaluates client-side mobile application components for weakness associated with the OWASP Mobile Top 10 using methodologies outlined in the OWASP Mobile Security Testing Guide (MSTG).
Why organizations trust our mobile security assessments
At TrustedSec, we pride ourselves on developing and utilizing our own custom tools and extensions. These will provide us with access and extraction abilities used by advanced attackers. TrustedSec will identify and attempt to bypass controls such as certificate pinning and root/jailbreak detection. Network communication will be monitored and tampered with to attempt to identify potential vulnerabilities with back-end services.
Additionally, client applications will be analyzed to identify potential weaknesses in handling sensitive information such as credentials or payment data. TrustedSec will perform dynamic instrumentation against the client applications to uncover encryption keys and credentials and to monitor interesting application functionality. Client applications may also be reverse engineered to identify issues that were not discovered during dynamic testing.
