Komodo’s  Mobile Security testing  methodology is based on years of experience testing complex applications and systems in market leading companies.

The methodology includes both manual and  automatic testing, including fuzzing and code-reviews, by using Komodo’s unique tools.

The Mobile Application Security Testing is conducted in two approaches – (White Box) Static testing of the source code and application testing  (penetration) of the system in a testing environment simulating  the real production environment of the applications.

Testing of mobile security includes the following:

* Mobile Application Architecture review

* Sensitive information exposure

* Communication’s channel protection

* Authentication mechanism

* Session management

* Input validation


* Error and Exception Handling


* Unauthorized resources access


* Unauthorized phone resources use (GPS, Camera, SMS)


* Malicious code/Backdoors


* Denial of service


* Standard library use


* Correctly application of security mechanisms


* Memory Analysis


* Protocols in Use


* Unprotected application interfaces


* Relevant OWASP top-10

The results of a penetration test are detailed in a comprehensive report that clearly explain where your vulnerabilities are, what the risk to your business is, who may be able to exploit these vulnerability and how to best secure your application.

Our reports are aimed to both non-technical senior executives, focusing on potential risks and probability, as well as to the application developers giving an in-depth explanation regarding the way mitigate risks.
In order enable more effective discussion, and better understanding of software weaknesses detailed in our reports, we care to co correlate each vulnerability to a valid MITRE CWE ID.

Secure Your Web Applications, APIs & Mobile Apps 

with Advanced Black Box Penetration Testing Services

Penetration Testing



USA: +1 917 5085546 

UK: +44 20 37694351

ISR: +972 9 955 5565

  • Komodo Consulting Penetration security services Company on Twitter
  • Komodo Consulting Pentest Testing Company on LinkedIn
  • Komodo Consulting Penetration security testing service provider on Facebook

Copyright © Komodo Consulting