Mobile application security findings come from static and dynamic analysis of an app publisher's mobile applications, which determine the severity of each vulnerability found. The testing process follows Open Web Application Security Project (OWASP) standards. See the tests for Android and iOS.
- Static analysis – Analyzes the compiled binary to discover vulnerabilities, including those in third-party libraries.
- Dynamic analysis – Observes the binary at runtime to discover vulnerabilities that only appear while the app is executing.
There are several categories of testing. The tests can be generalized as follows:
- Artifact Checks – Checks for embedded URLs that point to sensitive company servers or assets and would give a potential attacker valuable information.
- Code Checks – Analyzes how the underlying code behaves, checks for known vulnerabilities (such as Heartbleed) and insecure libraries, and checks whether the application is susceptible to known platform-specific bugs.
- Content Provider Checks – Checks the configuration of the application's content provider, if one is used. Content providers let apps share data and files with other apps.
- Information Checks – Analyzes the log files the mobile app produces and checks whether they reveal sensitive information, such as application or device configuration.
- Network Communications Checks – Analyzes the data the application sends and receives, checking whether sensitive data is properly encrypted and whether TLS/SSL certificates are used correctly.
- Permission Checks – Checks application permissions to determine whether the app's data can be read, modified, or executed by other apps. Overly open permissions pose a security risk and can compromise the integrity of the mobile app. This check also flags an app that tries to run commands as the root user, which can be a security risk.
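As an added example of the Content Provider and Permission checks above (this is illustrative code, not the scanner's own implementation), the script below reads an Android manifest and reports content providers that other apps can reach without an effective permission guard. It also handles the two edge cases a reviewer tends to miss: the pre-API-17 default of `exported=true`, and a custom permission whose `protectionLevel` is left at the default `normal`. The package, permission and provider names in the sample manifest are constructed.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"

def _attr(elem, name):
    return elem.get("{%s}%s" % (ANDROID_NS, name))  # android:-namespaced attribute

def find_exposed_providers(manifest_xml):
    """Return (provider name, finding) pairs for content providers other apps can reach."""
    root = ET.fromstring(manifest_xml)
    # Up to API 16 the platform default was exported=true when the attribute is absent.
    legacy_default = False
    sdk = root.find("uses-sdk")
    if sdk is not None:
        for key in ("minSdkVersion", "targetSdkVersion"):
            val = _attr(sdk, key)
            if val and val.isdigit() and int(val) <= 16:
                legacy_default = True
    # Custom permissions declared by the app. protectionLevel defaults to "normal", which
    # is granted to any app that requests it, so it is a weak guard for a provider.
    levels = {_attr(p, "name"): _attr(p, "protectionLevel") or "normal"
              for p in root.iter("permission")}
    findings = []
    for prov in root.iter("provider"):
        name, exported = _attr(prov, "name"), _attr(prov, "exported")
        if not (exported == "true" or (exported is None and legacy_default)):
            continue  # private to the app; not reachable from other apps
        guards = [g for g in (_attr(prov, k) for k in
                  ("permission", "readPermission", "writePermission")) if g]
        if not guards:
            findings.append((name, "exported provider with no permission guard"))
            continue
        for g in guards:
            if levels.get(g) == "normal":
                findings.append((name, "guarded only by normal-level permission " + g))
    return findings

# Constructed sample manifest (hypothetical package, permission and provider names).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.app">
  <uses-sdk android:minSdkVersion="21" android:targetSdkVersion="33"/>
  <permission android:name="com.example.app.READ_NOTES"/>
  <permission android:name="com.example.app.ADMIN" android:protectionLevel="signature"/>
  <application>
    <provider android:name=".NotesProvider" android:authorities="com.example.notes" android:exported="true"/>
    <provider android:name=".DraftsProvider" android:authorities="com.example.drafts" android:exported="true" android:readPermission="com.example.app.READ_NOTES"/>
    <provider android:name=".AdminProvider" android:authorities="com.example.admin" android:exported="true" android:permission="com.example.app.ADMIN"/>
    <provider android:name=".CacheProvider" android:authorities="com.example.cache"/>
  </application>
</manifest>"""
```

Running `find_exposed_providers(SAMPLE_MANIFEST)` reports `.NotesProvider` (no guard) and `.DraftsProvider` (normal-level guard), while `.AdminProvider` (signature-level guard) and the non-exported `.CacheProvider` pass.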