Mobile Application Security Testing
Komodo’s Mobile Security testing methodology is based on years of experience testing complex applications and systems in market-leading companies.
The methodology includes manual and automatic testing, including fuzzing and code reviews, using Komodo’s unique tools.
We conduct Mobile Application Security Testing using two approaches: Static (White Box) testing of the source code and application testing (penetration) of the system in a testing environment simulating the actual production environment of the applications.
Testing of mobile security includes the following:
* Mobile Application Architecture review
* Sensitive information exposure
* Communication’s channel protection
* Authentication mechanism
* Session management
* Input validation
* Error and Exception Handling
* Unauthorized resources access
* Unauthorized phone resources use (GPS, Camera, SMS)
* Malicious code/Backdoors
* Denial of service
* Standard library use
* Correctly application of security mechanisms
* Memory Analysis
* Protocols in Use
* Unprotected application interfaces
* Relevant OWASP top-10
We detail the penetration test results in a comprehensive report that clearly explains where your vulnerabilities are, the risk to your business, who may be able to exploit them, and how to best secure your application.
Our reports for non-technical senior executives focus on potential risks and probability. In addition, our reports provide application developers with an in-depth explanation of how to mitigate risks.
We correlate each vulnerability to a valid MITRE CWE ID to enable more effective discussion and better understand software weaknesses detailed in our reports.
Secure Your Web Applications, APIs & Mobile Apps
with Advanced Black Box Penetration Testing Services
Komodo Consulting is a high-end cyber security firm specializing in Application Security, Black-Box Penetration Testing, Red-Team Exercises, serving Fortune 500 companies in Israel, Europe, and the US.
Founded by leading consulting experts with decades of experience, the team includes seasoned security specialists with worldwide information security experience and military intelligence experts.
As an organization constantly targeted by malicious attacks, Komodo provides us with peace of mind by securing our applications before they go into production and acting as our incident response team at the most critical moments when we need them.
Amnon Cohen, CIO, Safecharge
Trusted by the World's Best Companies
We've been working with Komodo, our trusted advisers on application security and penetration testing, for over six years now. They consistently provide us with invaluable insights, briefings, and value. I wholeheartedly recommend them to any company needing first-class application and cyber security services.
Amir Levi, CTO, Harel Insurance
Working with Komodo Consulting has always been a streamlined, efficient process. Results are always to the point and right on time, accompanied by valuable insights and advice.
Eldan Ben-Haim, CTO, Trusteer (IBM)