Mobile apps are a necessary component of today’s communications. To operate effectively in the mobile environment, organizations are being called on to visualize, integrate, and leverage disparate information sources to dramatically extend their performance, efficiency, and reach. Users are eager to adopt these new tools anywhere, in the office and on the move. Mobile apps—whether built in-house or purchased from the outside—must be secure for both users and organizations.
Despite their ability to enhance productivity and business operation, mobile apps can introduce functional, performance, and security issues. Mobile malware is increasing at an alarming pace, and the methods by which insecure apps can affect other apps, mobile devices, and/or the underlying network infrastructure are becoming much more complex. An insecure app can lead to lost productivity, loss of data, legal liability, damage to brand credibility—and worse. In today’s world, mobile app vetting is an essential part of a holistic enterprise cybersecurity plan, and Booz Allen’s AppCritique capability can help you meet this need.
Developing an app is hard. Ever-evolving platform API's, cross-platform requirements, and timely delivery pressures make it harder. AppCritique can help relieve some of the pressures of shipping a great app by providing a second look at potential security threats that may exist. Our proprietary app analysis engine was developed by our mobile forensics and network security subject matter experts, and provides extensive coverage in all things app security. We stay tuned in to the Android and iOS developer and cybersecurity communities, and update our checks on a weekly basis.
Do you require a different option? Please contact us to arrange a custom AppCritique offering.
AppCritique has partnered with the National Institute of Standards and Technology (NIST) to help define the techniques used to identify vulnerabilities in mobile applications. By participating in NIST's Mobile Application Security Exercise, AppCritique provided a significant number of security findings and traits which demonstrate the capability of the mobile application security industry. Participation in these exercises have shown that AppCritique includes reporting features which other vendors do not.
All AppCritique security checks reference the OWASP Mobile Top 10 threat categories. These 10 categories represent a community consensus of the most critical security risk categories to mobile applications. The AppCritique team closely follows the OWASP mobile security project as a resource which guide all stages of mobile application security efforts.
For questions, feedback or sales inquiries, contact us at:firstname.lastname@example.org