Mobile Applications

CODE Security uses mobile application penetration tests to uncover vulnerabilities within the mobile applications that might be exploited by a remote or local attacker in the form of a malicious application running on the same device as the application to be reviewed.

CODE Security offers security tests and reviews of iOS and Android applications, including classical mobile apps, MDM solutions, low-level operating system specifics and kernels. The OWASP Mobile Top 10 security risks provide the backbone of the mobile applications security assessment services we provide for our clients. This includes, but is not limited to, covering the following areas:

  1. Improper platform use
  2. Insecure data storage on the mobile device
  3. Inadequate protection of the transport layer
  4. Insecure / weak authentication methods
  5. Sources of error in cryptography
  6. Insecure / weak authorization methods
  7. Identification of vulnerabilities in the source code of the mobile application
  8. Manipulation of code or application data
  9. Reverse engineering
  10. Identification of potentially security-endangering, hidden functions (e.g., hidden backdoor)

Similar to web application penetration tests, to further increase the effectiveness, CODE Security encourages combining dynamic testing with a static source code review in order to achieve the most comprehensive coverage.

Contact CODE

Do you have questions about CODE, or are you interested in working with us? Send us a message and we will get back to you as soon as possible!

Note: You are not currently logged in. If you log in, we can fill in some information and save you a lot of typing.