14 DAY TRIAL // Automated web application security solutions provider NT OBJECTives has launched NTOMobile On-Demand, a service that enables organizations to perform comprehensive security testing on mobile applications.
NTOMobile On-Demand delivers comprehensive and effective verifications by combining dynamic application security testing (DAST) from NTOSpider, static analysis security testing (SAST), and the skills of expert penetration testers.
Recent studies have shown that over three quarters of mobile applications fail basic security tests. This is mainly due to the fact that they’re not tested properly. Instead, developers usually do some casual testing to see if their apps are secure.
However, the problem is that developers tend to focus more on functionality, instead of security. Furthermore, even if they want to conduct proper security testing, many companies don’t have the necessary knowhow.
This is where NTOMobile On-Demand steps in. The solution enables organizations to effectively and automatically test the services powering mobile backends, and even ones that leverage new technologies like SOAP, JSON and REST.
As far as pricing is concerned, customers have to pay on a per year per application basis. Mobile application security testing for both iOS and Android is supported.
“Tackling mobile application testing has been tough for security teams as it requires an investment in proper training and tools. Comprehensive mobile application security testing requires a combination of both static and dynamic analysis. Anything less than that is simply incomplete and ineffective,” said Dan Kuykendall, co-CEO and CTO of NT OBJECTives.
“Some vendors allow security teams to choose between testing the source code, testing the services and pen testing mobile applications. NTOMobile On-Demand combines static and dynamic web application security testing with expert pen testers at a competitive price,” Kuykendall added.
NT OBJECTives has recently announced an update to the NTOSpider web application scanner to enable customers to automatically test even complex workflows, such as shopping cards and registration sequences.
“Until now, the only way to accurately test a complex application workflow like shopping cart or invoice processing has been manually. If it takes a tester 16 hours to test a complex workflow by hand and that organization has 20 applications with complex workflows, that can add up to over a month of testing,” Kuykendall said at the time.
NTOSpider has also been integrated with Selenium, a browser automation tool. This allows security teams to automatically detect vulnerabilities in the early stages of the development lifecycle.
For additional information on NTOMobile On-Demand, check out NT OBJECTives’ website.