Expert Mobile Application Security Testing. 

With over 50% of  web users accessing the Internet on a mobile device are you confident that your Android and iOS Apps are secure?

Our mobile application security testing service has been designed to make the process of scoping your Android and iOS targets, getting a quote and undertaking your testing as easy as possible for you.

You can benefit from our experience and low overheads allowing you to obtain expert testing at a cost effective price. Our web application security testing is carried out in adherence with the CHECK, CREST, and OWASP Mobile Security Project testing methodologies providing you with detailed results.

Our Testers will assess your mobile applications against the OWASP Top 10 Mobile Security Vulnerabilities to ensure you are free from known issues.


Mobile Application Security Testing designed to make things easier for you. 

Our Mobile Application Security Testing service has been designed to make it quick, simple and easy for you to get a proposal and to arrange a test. Our process works as follows.


Scoping Your Android and iOS Targets

We can discuss your requirements in person, on the phone or send you our scope of work document. Once we have details of your requirement along with the targets in scope we can move to the next stage.

         

Preparing Your Proposal 
 Our testing team evaluate your scope of work and determine how long testing will take. We then prepare and send your proposal including reference sites and costs.

         

Delivering Your Test and Report

We schedule and deliver your test providing you with your comprehensive report on completion which details discovered vulnerabilities with their recommended fixes. 


Mobile Application Security Testing 

Our Mobile Application Security Testing is a risk based manual assessment which uses a mix of automated testing tools combined with manual testing in strict adherence with the OWASP Mobile Security Project, CHECK and CREST testing methodologies. 

Mobile application security testing includes but is not limited the following analysis and testing.     
M1: Weak Server Side Controls     

M2: Insecure Data Storage 

M3: Insufficient Transport Layer Protection

M4: Unintended Data Leakage

M5: Poor Authorisation and Authentication

M6: Broken Cryptography

M7: Client Side Injection

M8: Security Decisions Via Untrusted Inputs

M9: Improper Session Handling

M10: Lack of Binary Protections


Mobile Application Security Testing Methodology

Our web application security assessment testing methodology utilises a mix of all the leading standard methodologies an is constantly evolving. The main headings for our approach are as follows.


Information Gathering

Decompilation of application and high level code audit

Assessment of authentication and authorisation procedures

Evaluation of mobile security policies

Extraction of any sensitive information stored on the device

Evaluation of communication methods

Adherence to common security guidelines and practises

Assessment of API calls & functionality

Assessment of decisions and business logic 

Reporting


Benefits
Fast turnaround from enquiry to testing
        
Simple process to get your proposal
Complimentary commercial and technical scope of requirements
        
Testing available 247 scheduled to suit your requirements

Cost effective competitive pricing
Complementary post testing support
  
Flexible delivery through our out of hours testing service

Immediate Notification of Critical Risks

Easy to follow report with clear directions on how to fix discovered vulnerabilities


 

University Business Centre

Piece Mill

Halifax

HX1 1QE

t: 01422 416000  

e: sales@cognisys.co.uk

Co Reg No: 11035382