A Mobile Application Assessment (MAA) provides in-depth manual and dynamic (run-time) analyses of Android/iOS devices and applications, irrespective of source-code availability, following the OWASP Mobile Security Testing Guide (MSTG) and OWASP Mobile Application Verification Standard (MASVS) methodologies. Using the same tools and techniques as real attackers in addition to our own, we’ll test your mobile applications for the OWASP Top 10 Mobile Risks.
When conducting an MAA as a Hybrid Application Assessment (HAA), we’ll leverage the source code provided to validate and locate vulnerabilities. If source code isn’t available, the team will attempt to reverse engineer the application’s binary to partially reconstruct an application’s source code and attempt to identify security vulnerabilities.
Methodology
We have adopted a hybrid approach for application penetration testing, wherein we follow the OWASP methodology and build custom test cases around the business logic that varies from client to client. This penetration testing approach helps us ensure thorough end-to-end security.