Mobile Penetration Testing
Just Mobile Security offers a Mobile Application Security Assessment service that specializes in performing Penetration Testing on Android or iOS applications. The purpose of the service is to identify vulnerabilities or weaknesses that require immediate attention, as they may lead to economic losses or harm to the company or application owner. The service distinguishes itself by utilizing several approaches, such as static analysis, which involves reverse engineering the application to identify code-level vulnerabilities from the perspective of an attacker without access to the source code. Dynamic analysis is also used to interact with the application at runtime and detect vulnerabilities not only in the frontend but also in its interactions with the backend, APIs, or other services.
Various types of Penetration Tests, including Black-Box, White-Box, and Grey-Box, can be utilized to assess the security of a Mobile Application. These tests enable us to adopt different perspectives and strategies for conducting the evaluation. By doing so, we can gain a more comprehensive understanding of the Mobile Application's strengths and weaknesses from multiple angles.
At the conclusion of the assessment, a comprehensive report is provided, which outlines the vulnerabilities discovered during the testing process. The report is divided into two sections: the executive report and the technical report. The executive report summarizes the findings at a high level, while the technical report provides a more detailed analysis of each vulnerability, including the testing process involved in identifying it and remediation recommendations for addressing it. Additionally, weekly meetings are scheduled to report on the progress of the assessment to the relevant personnel.