We conduct vulnerability analysis via reverse engineering of iOS and Android apps, as well as assessment for source code and server-side APIs.
We provide a security assessment service based on the JSSEC security guide and the OWASP Mobile Top 10 to identify any security issues in smartphone apps for iOS and Android, etc.
We can also run behavior analysis on apps via reverse engineering. After the assessment, we submit a security strength assessment and a report on relevant risk countermeasures.
By identifying issues and risks in smartphone apps, it is possible to take appropriate steps to handle incidents promptly when they occur.
The added value of the app can be enhanced by commissioning and running security assessment from a firm specializing in vulnerability assessment.
Preparations for Smartphone App Vulnerability Assessment
We develop a grasp of the characteristics of each app service, and determine which vulnerability assessment item should be prioritized.
By reviewing the specifications and interviewing staff, we ascertain the app’s use and implemented features.
We determine which elements must be prioritized in accordance with the target app. Thereafter, we provide an estimate.
Smartphone App Vulnerability Assessment Service Delivery
We conduct vulnerability assessment with fully manual procedures. We can handle everything from basic checks to advanced reverse engineering.
We investigate vulnerabilities from reverse engineered source code. If necessary, we write verification code, and test whether hypothetical attack scenarios will succeed.
We examine the contents of files and logs generated when the app is run, and the contents of communications it produces.
Submission of Smartphone App Assessment Report and Suggested Improvements
The report touches on everything from detected vulnerabilities to overall security level, risk, and countermeasures going forward.
We individually specify the reproduction procedures for any vulnerabilities discovered. We will also explain countermeasures.
The assessment touches on everything from overall security level to comments on risk, and countermeasures going forward.
In the report of the assessment results, we present the details, reproduction procedures, risks, and countermeasures for the vulnerabilities that are discovered, so that the client company can correct them quickly.
*Please request a sample report on the inquiry page. A representative will send them within two business days.
Please do not hesitate to contact us.
Wishing to solve security issues in your web services or apps and maximize profit? Please do not hesitate to contact us, as we will be delighted to help you.
Our highly experienced security engineers will test your system.