NowSecure, the industry's leading provider of standards-based mobile app security and privacy software, today announced the launch of the world's largest mobile app pen testing service for the OWASP Mobile Application Security Verification Standard (MASVS) and the addition of automated MASVS testing to the NowSecure Platform. Presently, mobile enterprises, application developers, and security teams can rely on NowSecure specialists for the gold standard of mobile app testing to assure OWASP MASVS compliance.
In 2021, 200 billion installed mobile applications produced over $170 billion in revenue, indicating that mobile applications are driving the global economy. Customers and staff alike prefer mobile applications over online apps, with over 70% of all digital time spent in mobile apps vs. web apps. However, assaults and breaches have increased significantly in the last year, with major mobile app security problems affecting Amazon Ring, Apple iMessage, Park Mobile, Slack, and US Customs and Border Protection. According to the NowSecure MobileRiskTracker, 85% of evaluated applications contain security flaws, and 70% leak sensitive data. Companies must be careful in incorporating security into their mobile applications and extensively testing them to assure their safety.
Since its inception in 2013, the OWASP mobile project has pushed for standards-based security criteria and testing methodologies. The OWASP mobile project, which is used by mobile app developers, architects, security teams, and security researchers, contains three essential resources, the most recent of which was updated in January 2022, to give the best risk reduction method for mobile app teams:
The OWASP Mobile Application Security Verification Standard (MASVS) establishes a standard for mobile app security.
The OWASP Mobile Security Testing Guide (MSTG) describes how to put the MASVS criteria to the test.
The OWASP Mobile App Security Checklist keeps track of security assessment tasks for mobile apps.
NowSecure practitioners have collaborated on spec evolution and tools with the OWASP mobile project from its inception, and the firm acts as an OWASP "god mode" sponsor for the OWASP MASVS.
"The OWASP MASVS and MSTG are the foundation of a mobile appsec program. The MASVS guides developers and security analysts on architecture, threat modeling and proper techniques to secure mobile data. The MSTG has hundreds of tests you should perform and there are many nuances and edge cases to consider. Without the right expertise it can be tough to effectively achieve full MASVS compliance. The MSTG encourages the use of automated tools to leverage static and dynamic analysis but also emphasizes that having security professionals you can trust is essential."
Carlos Holguera, OWASP project lead and NowSecure Security Researcher
NowSecure CEO Alan Snyder said that "NowSecure is the recognized expert for standards-based testing software and services, partnering with organizations to safeguard trust in their mobile app initiatives. As an OWASP contributor and sponsor for years, we are committed to the evolution of the specifications. Today we are adding these products and services to help customers ensure the security and privacy of their mobile apps leveraging the gold standard of OWASP MASVS."