Five Penetration Test Tips to Create Secure Mobile Apps
Just as businesses and consumers make the shift from desktop-driven digital change to mobile devices and applications, so are malicious actors. While traditional attack vectors still enjoy widespread success, increasing infosec knowledge about cybercriminal origins and threat profiles has pushed attackers down a new path: Mobile.
As noted by Threat Post, for example, advanced persistent threats (APTs) like RedDawn — which masquerades in app stores as “beta” versions of useful software — are now making the shift to mobile platforms. PC Authority, meanwhile, reports that fraudulent mobile transactions are up more than 600 percent from 2015, while Dark Reading points out that mobile users are now 18 times more likely to be targeted by phishing than traditional malware attack vectors.
What does all this movement mean for mobile app developers and owners? That just designing secure applications is not enough. Ongoing penetration testing and risk assessments are now critical to ensure that apps that were safe yesterday still hold up today — and won’t fall apart tomorrow.