Mobile Application Security Testing
Komodo’s Mobile Security testing methodology is based on years of experience testing complex applications and systems in market leading companies.
The methodology includes both manual and automatic testing, including fuzzing and code-reviews, by using Komodo’s unique tools.
The Mobile Application Security Testing is conducted in two approaches – (White Box) Static testing of the source code and application testing (penetration) of the system in a testing environment simulating the real production environment of the applications.
Testing of mobile security includes the following:
* Mobile Application Architecture review
* Sensitive information exposure
* Communication’s channel protection
* Authentication mechanism
* Session management
* Input validation
* Error and Exception Handling
* Unauthorized resources access
* Unauthorized phone resources use (GPS, Camera, SMS)
* Malicious code/Backdoors
* Denial of service
* Standard library use
* Correctly application of security mechanisms
* Memory Analysis
* Protocols in Use
* Unprotected application interfaces
* Relevant OWASP top-10
The results of a penetration test are detailed in a comprehensive report that clearly explain where your vulnerabilities are, what the risk to your business is, who may be able to exploit these vulnerability and how to best secure your application.
Our reports are aimed to both non-technical senior executives, focusing on potential risks and probability, as well as to the application developers giving an in-depth explanation regarding the way mitigate risks.
In order enable more effective discussion, and better understanding of software weaknesses detailed in our reports, we care to co correlate each vulnerability to a valid MITRE CWE ID.
Secure Your Web Applications, APIs & Mobile Apps
with Advanced Black Box Penetration Testing Services
Komodo Consulting is a high-end cyber security firm that specializes in Application Security, Black-Box Penetration Testing, Red-Team Exercises, serving Fortune 500 companies in Israel, Europe, and the US.
Founded by leading consulting experts with decades of experience, the team includes seasoned security specialists with worldwide information security experience along with military intelligence experts.
As an organisation constantly targeted by malicious attacks, Komodo provides us with peace of mind both by securing our applications before they go into production and by acting as our incident response team at the most critical moments when we need them.
Amnon Cohen, CIO, Safecharge
Trusted by the World's Best Companies
We've been working with Komodo, our trusted advisers on application security and penetration testing, for over six years now. They consistently provide us with invaluable insights, briefings, and value. I wholeheartedly recommend them to any company in need of first-class application and cyber security services.
Amir Levi, CTO, Harel Insurance
Work with Komodo Consulting has always been a streamlined, efficient process. Results are always to the point and right on time, accompanied by valuable insights and advice.
Eldan Ben-Haim, CTO, Trusteer (IBM)