Mobile Application Review

Penetration test of mobile applications to identify misconfigurations or other vulnerabilities

A penetration test of mobile applications can help identify any misconfigurations or other vulnerabilities, giving the assurance that they will not be used to compromise the confidentiality or integrity of a company.

Meeting your business objectives

Mobile applications are defined as the software that runs on any mobile devices, such as smart phones, tablets, or similar devices. These applications are present and commonly used by companies to provide functionality to both clients and employees. Finding flaws in mobile applications can result in attackers compromising devices, sensitive customer or third-party information, to use the devices as gateways for accessing confidential internal corporate resources. It has become increasingly important to ensure applications are coded in an efficient manner, in order to mitigate potential vulnerabilities.  

Protection target: Data

Data

Protection target: Devices

Devices

Protection target: Network

Network

Protection target: Applications

Applications

Protection target: Cloud

Cloud

Service capabilities

01
Code Inspection: This is a static analysis of the mobile applications themselves, decompiling them so that the source code can be examined.
02
Application Assessment: The application will be installed on a testing device to assess whether the application securely stores any sensitive data such as configurations, and also using debuggers and instrumentation frameworks to alter the intended functionality of the application in order to bypass protections.
03
Traffic Inspection: All traffic the application makes to any servers will be inspected and assessed to ensure that secure protocols are being used. In addition, the servers will be subject to infrastructure and web application assessments to provide assurance around their security posture.
04
Mobile Device Management Assessment: When applicable, any MDM solution installed on the device will also be assessed, both the MDM configuration and the MDM application itself.
05
Vulnerability and extended manual testing will explicitly identify where security holes lie and remove false positives. When applicable, other methods will be utilised.
06
Any security issues identified will be highlighted, with recommendations made to ensure all risks are minimised.
07
Any high-risk issues, or ones that could be exploited, will be reported immediately as they could pose an imminent threat, were they to be discovered by an attacker.

Why Exponential-e?

Assess and test the application and all associated resources within the scope.

Any security issues identified will be highlighted, with recommendations made to ensure all risks are minimised.

Any high-risk issues, or ones that could be exploited, will be reported immediately as they could pose an imminent threat, were they to be discovered by an attacker.

Image

Diary of a Data Spill

Download our report:
01
How vulnerable you are: You’ll learn how a CIO can open his business up to untold damage simply by logging into a conference centre’s free WiFi.
02
How unprepared you are: Read in detail as to the missteps a typical business makes in failing to stop malware in its tracks.
03
How much it could cost you: You’ll read about a nightmare scenario for any business. Reputational and financial damage on a staggering scale; damage that can be avoided.

Read our latest security blogs

There's no doubt that home working is here to stay. While it may have initially been deployed at large scale out of necessity, in response to COVID-19, it is clear that we are witnessing the dawn of a...
Cloud adoption has been rising year by year for some time now, with Gartner predicting this trend to accelerate beyond 2020. It has long moved on from its earliest days, where it was largely regarded ...
The past few months have certainly been challenging for businesses all over the UK - from start-ups to established industry leaders. Organisations have found themselves adapting to the demands of a re...

Our Customers

Talk to one of our specialists

Fill out the form and we'll get back to you as soon as possible.

If you are looking for technical support, please contact our Support team on: 0845 230 6001

 

Talk to one of our specialists

Fill out the form and we'll get back to you as soon as possible.

If you are looking for technical support please contact our Support team on: 0845 230 6001

100% Privacy Guaranteed. Click here for our privacy policy.

100% Privacy Guaranteed. Click here for our privacy policy.

*Calls to 0845 numbers will cost 7p p/m plus your phone company’s access charge.
All inbound and outbound calls may be recorded for training or quality purposes.


© 2020 Exponential-e Ltd. Reg. No. 04499567, Reg. Address:100 Leman Street, London E1 8EU