View profile

NowSecure #MobSec5 - Week of Oct. 22

Revue
 
Those of you adept at penetration testing know it has traditionally been a blend of art and science.
 
October 26 · Issue #127 · View online
NowSecure #MobSec5
Those of you adept at penetration testing know it has traditionally been a blend of art and science. The practice is not only tricky and time consuming, but many companies also lack the in-house talent and tools to conduct pen tests of their mobile apps. And while outsourcing presents an alternative, that too takes a few weeks to complete and doesn’t scale with the ever-increasing velocity of software releases.
Enter technology. Today, automated mobile appsec testing tools conduct pen testing at DevOps speed and integrate directly into the CI/CD toolchain. Did you ever think it was possible to run complete dynamic and behavioral tests on your mobile apps in less than 15 minutes? Discover how here.
Your highlights for the week are as follows:
  • Nearly 90% of analyzed Android apps harvest and share data
  • Beware of some so-called security apps that may not be secure
  • Apple rebuffs iPhone hacking tool popular with law enforcement
  • Mobile malware stats can be scarier than the reality
  • Android device makers are now required to issue regular security updates

Mobile app data sharing 'out of control' | BBC News
Some cybersecurity apps could be worse for privacy than nothing at all | The Conversation
Apple Just Killed The 'GrayKey' iPhone Passcode Hack | Forbes
Google mandates two years of security updates for popular phones in new Android contract | The Verge
What is mobile malware, really? | Brian Madden
Did you enjoy this issue?
If you don't want these updates anymore, please unsubscribe here
If you were forwarded this newsletter and you like it, you can subscribe here
Powered by Revue