Mobile devices are commonplace in our lives, and for many organisations, mobile applications are an integral part of their digital strategy. Further, with digitalization, organisations have seen a significant rise in mobile applications. A direct consequence of this is an increased attack surface. Attackers exploit vulnerabilities within mobile applications to gain access to backend infrastructure, databases and other related systems.
The SensePost team have presented some of their tooling at international conferences, such as BlackHat USA and DEF CON, and apply their continued research to assessments, culminating a deep and thorough understanding of mobile applications.
Mobile applications come in many forms and while each may have its nuance, the same security principals apply regardless of the technology stack used.View Brochure
Qualified real-world testing: We are contributing to projects such as the OWASP, Application Security Verification Standard (ASVS) and build custom open source tools to facilitate mobile application hacking, many of which are referenced in the OWASP Mobile Security Testing Guide. This experience and track record puts us in the ideal position to test applications from a hacker’s perspective.
Reduced risk: Comprehensive reviews increase the chance of finding security issues before a malicious actor does.
Systematic approach: We follow industry standard practises to allow for consistently reproducible results as well as custom experience-led activities to push it just a bit farther
Improved application resilience: Testing from an attacker’s perspective identifies weaknesses malicious actors look for