Cenzic Mobile
Managed Service that Identifies Vulnerabilities in Mobile Applications
Cenzic Mobile service, powered by Hailstorm, extends application security to protect data on the latest online front. Since many mobile applications connect to databases on the backend, they are a target of hackers. Cenzic leverages its Hailstorm technology and more than a decade of application security experience to deliver services that analyze mobile applications and detect vulnerabilities in critical areas, including input validation, authentication mechanisms, session security, encryption usage and policy compliance.
Dynamic Application Security Testing for Mobile
Non-Intrusive Vulnerability Tests
Mobile application coding and logic will be tested.
Invasive Fault-Injection Tests
Various styles of malicious input will be injected into forms, hidden fields, parameters, POST data, cookies, and HTTP headers.
Web Server related tests
These tests find configuration, file management and system-level vulnerabilities in the application’s server environment.
Manual Penetration Testing to Discover Session and Application Logic Flaws
These tests analyze session and rights management vulnerabilities while also analyzing the mobile application for any potential logical flaws.
Mobile Web Services Testing (if applicable)
These tests are for mobile applications that use web services to communicate between client and server.
Continuous Application Testing
Due to the unceasing onslaught of hackers employing new methods to access organizations' valuable data, application security must be an ongoing effort. Effective application security is not a one-time event, but a discipline of testing and re-testing, continuously throughout an application’s lifecycle. Continuous testing is the only way to protect applications from the hundreds of new threats that come out every month.
Cenzic Hailstorm performs continuous testing of Cloud, Mobile and Web applications by taking a virtual snapshot of the apps.