Mobile Security Review
Insomnia Security has the capability to carry out mobile application reviews across a broad range of clients, as well as to perform security reviews of mobile devices and their configuration profiles.
Mobile application reviews includes an indepth look at all of the components that make up a mobile application environment. This includes the ondevice application itself, the communicaation protocol in use, and the security of the endpoint web services. A review of this type will usually include a source code review component, as well as live application testing within a test environment.
Includes specific issues such as:
- Jailbreak detection
- Data tampering prevention
- SSL certificate handling
- Data storage
- Key exchange
- Standard web services penetration testing
Mobile device security reviews focusses on the configuration and deployment profiles associated with a particular device, or set of devices. These types of reviews are sometimes carried out to answer the questions of 'What happens if the device is lost/stolen?'.
Such reviews include an analysis of the deployed version, to ensure it is not vulnerable to known security issues as well as reviewing the device for previously unknown vulnerabilities.
Full service descriptions, methodologies and sample reports are available upon request