Meticulous testing for iOS, Android and HMS applications to identify risks to businesses and client data. Our tests strictly adhere to the OWASP Mobile Top 10 standards and our testing approach.
Decompiling mobile apps, testing for potentially sensitive information and analysing code that can be decompiled for vulnerability and other permission issues.
Running scans on apps to identify outdated plugin uses and test against the OWASP Mobile Application Top 10 vulnerabilities.
Testing mobile apps in a virtual environment to assess if they are being run virtually. If not, analysts continue the assessment using the virtual environment.
Installing the app on a physical device to test its process and flow using third-party tools to find vulnerabilities and bugs not found in the static analysis. The web server the app connects to is also tested to ensure it is adequately secured.
Creating in-depth documentation of identified vulnerabilities. Includes steps to reproduce each issue, screenshots, a description of the impact and exploitability, and options for remediation.