Mobile Application Penetration Testing
As mobile apps are more and more used by every field of activity, they become also more and more interesting for malicious attackers. Apps need therefore to have a strong security, just as websites. That’s why we do mobile apps penetration testing that takes into consideration their specificities.
Our pentesters test the mobile application installed on the smartphone as well as the API used by the mobile app, and the server on which the app is hosted.
For the mobile application, we test:
- Data storage,
- Network communication (communication with the API),
- Platform interaction – local identification,
- Security configurations (signature, debug…),
- Source code (that is available with the mobile app).
And for the API and the server, we test:
- Every functionality,
- Implementation & usages of the third-party components,
- Server and its different services (web, mail, FTP, SSH…),
- Security configurations of each element,
- Company’s politic: updates, team work methods (processes, how is the code shared? etc.).