Application security vendor ImmuniWeb has announced the release of Neuron Mobile, a mobile application security testing solution designed to scan for OWASP Mobile Top 10 Vulnerabilities and Weaknesses in iOS and Android apps. Neuron Mobile is a fully automated solution that offers dynamic and static application security testing (DAST/SAST) and software composition analysis (SCA) scanning capabilities with a contractual SLA of zero false positives.
Backend endpoints for mobile apps, APIs reviewed for privacy, encryption, compliance
Neuron Mobile will leverage machine learning capabilities that can detect more advanced vulnerabilities compared to traditional mobile security scanners, while mobile application backend endpoints and APIs will be enumerated and assessed for privacy, encryption and compliance issues, the vendor said. in a press release.
An annual subscription to Mobile Neuron also includes access to ImmuniWeb’s security analysts and mobile security experts for support with mobile security testing, including vulnerability exploitation, remediation and hardening of mobile apps, the company added. Neuron Mobile appears to be DevSecOps and CI/CD ready, with an extensive list of out-of-the-box integrations for automating mobile security testing within software development cycles.
Mobile security threats are rife in modern businesses
Mobile security threats are rife in modern businesses, with smartphones and tablets being rich targets for exploitation and cyber-attacks. According to the Verizon 2022 Mobile Security Index, nearly half of organizations have experienced a security incident involving a phone or tablet that resulted in data loss, downtime, or some other adverse outcome. Malware, social engineering, data breaches and Wi-Fi interference are among the many mobile security threats facing organizations, while new technologies such as generative AI are predicted to create new opportunities for cybercriminals to target mobile devices.
Malicious apps that appear legitimate are listed as one of the top mobile security threats in McAfee’s Consumer Mobile Threat Report 2023. Cybercriminals are getting better at sneaking their apps into stores, often using encryption to hide malicious code from reviewers or delays built in so that malicious content only appears after they pass security tests, the report said. Some apps download additional malicious code after installation, while cyber criminals can infect legitimate apps by placing their code in third-party code libraries.