Mobile Application Security Assessments
All the top mobile device manufacturers allow greater convenience in designing, developing and selling mobile applications. While this helps small development houses and individual developers gain both recognition and achieve higher sales, it also allows larger penetration of applications.
[ If you are an Enterprise Customer ]
If you are an enterprise client, then you need assurance that the applications you deploy in your environment are tested and are secure. In most cases, the developers of the application are not the people you want this assurance from. You need a skilled, trusted and independent third party to verify that the applications are designed and developed with security in mind. We can help you find this assurance by conducting application security assessments on a wide variety of mobile platforms.
[ How to engage us ]
The best time to engage our services is when you are deciding to purchase a mobile application or mobile solution for your company. We can then help you make all the correct decisions prior to your purchase. If you have already made a purchase, then it is still not too late. We can conduct both a static and dynamic analysis of the mobile application or solution (without having access to the source code) that you have chosen to pinpoint security flaws. Contact us to discuss your situation.
[ If you are an Enterprise Developer ]
As a development house, you need to ensure that the mobile applications you design can be trusted. While you may find some brilliant software developers out there, they’re not all going to keep their eyes on the security ball. Deadlines, more features, convenient solutions can all take precedence over security. We can help you ensure that the products you roll out don’t put your customers and ultimately yourselves at risk.
[ How to engage us ]
We can engage with you when you have reached either an alpha or beta testing stage for your mobile application. We will conduct a source code review on your applications to determine how secure it is. We will specifically cover:
1. If secure coding principles have been used in the software
2. How well your network communications between client and server are secured
3. How easy it is to alter the behavior of the application logic
What we do:
1. A full source code audit on your mobile application. This uncovers any design or coding flaws in the application.
2. Network protocol analysis and fuzzing. This tells you whether your application communicates securely over a network.
Mobile Device Forensics
One area that should never be overlooked during a Forensic Investigation is the mobile phone. With user’s relying heavily on their mobile phone for email, sms, instant messaging and file storage, valuable evidence can be gathered from a mobile device through forensic analysis. ZenConsult specializes in conducting mobile phone forensics for many of the top mobile phone platforms.
We have designed and built several tools that we use to significantly speed up our forensics investigations and offer them at a very competitive price. Wherever possible, we facilitate recovery of deleted data so that attempts made to hide evidence by deletion are circumvented.