What We Do

What We Do

Secure your information at your fingertips


Mobile applications are one of the increasingly popular channels for brands to reach out to their customer and to deliver more personalized content or advertisement to them. It means more and more personal information is to be collected in order to achieve a better experience and it also means that more and more critical information is present to be attacked. How would you proceed to protect your’s or your customers’ information?

85% of mobile apps violated one or more of the OWASP Mobile Top 10


4 out of 5 mobile apps contains 1 or more of the 10 MOST critical mobile security risks that are detailedly documented and may lead to serious leakage of information or exploit.

Mobile vs web and PC applications


Mobile operating system and development cycle are hugely different than PC and web applications. Specialized training and AppSec testing tools are a MUST for secure mobile development.

Client Results


Our Framework


Identify

what potential weak points via your mobile applications

Protect

Detect

potential leakage and security knowledge gap

Response

Consultation on best practice for secure web application development processes

Recover

Red Team

Identify

what potential weak points via your mobile applications

Protect

Detect

potential leakage and security knowledge gap

Response

Consultation on best practice for secure web application development processes

Recover

Red Team

Our Approach


Using Open Source Intelligence and Human Intelligence as a foundation, we combine web application security assessment techniques with assessment techniques specific to mobile computing environments.

 

We will review:

  • The files from the application when decompiled
  • The application source code
  • The presence and implementation of transport security
  • Any potential for binary modification
  • Authorisation, permission and authentication controls
  • Any fallout from uninstalling the application