The new solution scans and provides risk mitigation recommendations for mobile applications with an emphasis on securing their back end web services. By protecting these mobile web services, Cenzic enables application developers and enterprises to combat the next generation of mobile security attacks.
“Mobile applications have given us new ways to interact, play, and boost productivity, but they’ve also exposed a dark side,” said John Weinschenk, CEO at Cenzic. “Hackers have sought to exploit the popularity of mobile applications due to their numbers and potential payoff. In the race to curtail these threats, many vendors have missed the mark by focusing exclusively on endpoint security—securing the information on the mobile device itself. Back end services are the next frontier for hackers because they provide the biggest payoff. Compromising a mobile device gives them access to limited information, while compromising a back end service gives them access to potentially millions of records.”
Cenzic’s new mobile application security intelligence solution gives insight across all mobile applications and back end services, providing recommendations on how to reduce risks originating from specific applications, application developers, and businesses.
Additional features of Cenzic’s new mobile application security solution include:
- Platform Independent Scanning – Cloud-based technology allows Cenzic to test the applications built on any platform, including iOS, Android, J2ME, and many more.
- Device to Back End Server Communication Testing – Most companies only test the client source code to discover vulnerabilities in mobile applications. Cenzic tests the mobile application in action when it communicates sensitive user data to server, discovering sensitive data leakage, input validation, session and application logic related flaws.
- Leveraging Common Architecture – Results delivery through secured dynamic web portal, providing users with report item drill down. Results can also be imported into the client's Cenzic Enterprise ARC Dashboard.