Latest Release Automates Policy-Based Security Testing and Significantly Expands Mobile Security Assessment Coverage for Faster, Higher-Quality Delivery of Mobile Application Software at Lower Costs
CHICAGO, September 27, 2022 /PRNewswire/ — Now securethe leader in standards-based mobile app security and privacy software, today launched the latest iteration of the NowSecure Platform with new industry-first standalone capabilities for productivity and auditability: Policy Engine and Guided Testing. NowSecure Platform Policy Engine is a first-of-its-kind mobile AppSec testing solution that enables organizations to seamlessly deploy, automate, and enforce custom security policies and controls against industry standards. Security teams can now ensure standardized AppSec compliance, allowing developers to code and deploy faster by knowing the “security rules” in advance. Additionally, NowSecure Platform Guided Testing provides a new, more advanced hybrid approach to mobile application security assessment by combining highly accurate automated testing with expert analyst guidance, providing a more cost-effective alternative to manual pen testing.
Mobile app developers and security teams face some of the most critical security risks to date, as the NowSecure MobileRiskTracker™ revealed that more than 85% of apps tested in the Apple App Store and Google Play have security vulnerabilities and 70% actively leak private data. This largely stems from ineffective and ineffective measures in building and testing mobile app security. To mitigate these risks, NowSecure Platform now offers a new kind of security automation for faster and more efficient pipeline performance. NowSecure Platform Policy Engine gives mobile application security teams the ability to implement, automate, and enforce standard policies customized to their specific security needs at scale. What was generally considered a convoluted and tedious process involving multiple tools and human interaction, is now simplified and integrated into this affordable all-in-one solution. With NowSecure Platform Policy Engine, organizations can create a custom policy that includes relevant compliance requirements, industry standards, custom Common Vulnerability Scoring System (CVSS) scores, and prioritized results to render results of all assessments actionable, effective and consistent security systems. Policy Engine eliminates the tedious task of tracking application security policies for different teams and risk levels in a spreadsheet and ends debates between development and security teams about what security issues to address and how to code accordingly. completely safe.
“Organizations need to publish faster, reduce costs and improve security; and the only way to do all three is through automation,” said the CEO of NowSecure. Alan Snyder. “The status quo of static source code analysis from traditional web testing tools and manual periodic penetration testing is too expensive, wastes developer time, and does not improve security. The current release of the NowSecure platform delivers key innovations that make it easier for customers to access their mobile business goals efficiently through security automation.”
The key components of NowSecure Platform Policy Engine, which are available today on the NowSecure Platform, enable security and mobile application development teams to:
- Deploy a shared set of rules to achieve more consistent, predictable, and relevant results for developers and security teams
- Create policies for different application risk categories and mobile teams across the organization
- Run autonomously repeatable vulnerability assessments with security policy checks to unleash developer speed with confidence in policy compliance
- Maintain auditability with policy versioning to correlate assessment and policy used
- Improve efficiency by focusing development and security teams on the narrow scope of what needs to be secured, eliminating the noise of traditional generalized scanning methods
- Demonstrate to auditors and regulators that appropriate application security and privacy controls have been applied to each version of the application before being promoted to production
With this update, NowSecure has also introduced the NowSecure Platform Guided Tests capability, an industry-first hybrid security solution offering automated mobile application security assessment coupled with interactive expert analysis. As organizations face tight IT budgets and labor shortages in the wake of a potential economic downturn, guided testing provides a cost-effective solution using security automation. Organizations can now bridge the gap between fully automated testing and comprehensive, expert-led penetration testing. Typically used to provide extended coverage for high-risk and complex mobile applications, NowSecure Platform Guided Testing offers depth of over 600 tests including SAST, DAST, IAST and APISec with very high accuracy and less than 1% false positives reported by customers. assess. This combination of automated testing and expert analyst guidance helps evaluate the most used critical workflows, multi-factor authentication, and bypassing anti-automation blockers to test beyond authentication workflows. This hybrid security automation means organizations can better tailor their mobile security testing to align with their risk profile, coverage, and cadence requirements at a lower cost.
“The NowSecure platform’s guided testing strikes a perfect balance between automated testing and pen testing, which is more cost effective with better coverage,” said the AppSec manager at a fintech mobile app maker.
With this latest release, customers will also find an improved user experience for developers and security. The NowSecure platform interface is now optimized for faster task execution, streamlined load times, and advanced filters to provide development and security teams with personalized results tailored to their workload. The platform is now also available in dark mode for better readability and reduced eye strain from screen time.
The latest update to the NowSecure platform joins NowSecure’s only comprehensive suite of mobile app security solutions, including NowSecure Workstation pen tester productivity kit, NowSecure Supply Chain Risk Management, NowSecure Pen Testing Servicesand NowSecure Academy training tutorials for development and security teams. Built on a foundation of standards and automation, NowSecure enables organizations to deliver the most secure mobile apps faster and continuously monitor risk in their mobile app supply chains. Top mobile innovators trust NowSecure to protect their mobile apps, including AT&T, Caribou Coffee, Chime, iRobot and Uber.
Learn about all the latest features of the NowSecure Platform in our blog post: NowSecure Platform Boosts Mobile DevSecOps Productivity and Cost Savings.
To see the NowSecure Platform in action, learn about the latest mobile AppSec innovations from industry experts, and share DevSecOps best practices, join us at the NowSecure Connect22 virtual event on October 26, 2022 – register here.
As a leader in standards-based mobile app security and privacy, Now secure protects the mobile app economy. The world’s most demanding organizations, innovative mobile developers, and advanced security teams trust NowSecure to protect millions of mobile app users in the most regulated and compliance-driven industries. Only NowSecure offers a full suite of solutions for continuous security testing for DevSecOps, mobile app supply chain monitoring, expert mobile pen testing and training courseware with the necessary depth, efficiency and accuracy. to meet the demands of modern business. Dedicated to the open-source community and standards such as OWASP, ioXt and NIAP, NowSecure is SOC 2 certified and recognized by IDC, Gartner, Deloitte Rapid 500 and TAG Cyber.