Application security vendor ImmuniWeb has announced the release of Neuron Mobile, a mobile application security testing solution designed to scan for OWASP Mobile Top 10 vulnerabilities and weaknesses in iOS and Android apps. Neuron Mobile is an entirely automated solution that features dynamic and static application security testing (DAST/SAST) as well as software composition analysis (SCA) scanning capacities with a contractual zero false-positives SLA, according to ImmuniWeb.
Mobile app backend endpoints, APIs reviewed for privacy, encryption, compliance
Neuron Mobile uses machine learning capacities that can detect more sophisticated vulnerabilities compared to traditional mobile security scanners, while mobile application backend endpoints and APIs will be enumerated and reviewed for privacy, encryption, and compliance issues, the vendor said in a press release.
An annual subscription to Mobile Neuron also includes access to ImmuniWeb’s security analysts and mobile security experts for mobile security testing support, including vulnerability exploitation, remediation, and mobile app hardening, the company added. Neuron Mobile is apparently DevSecOps and CI/CD ready, with a comprehensive list of turn-key integrations for automation of mobile security testing within software development cycles.
Mobile security threats widespread across modern businesses
Mobile security threats are rife across modern businesses, with smartphones and tablets rich targets for exploitation and cyberattacks. Nearly half of organizations have been subject to a security incident involving a phone or tablet that led to data loss, downtime, or another negative outcome, according to the Verizon 2022 Mobile Security Index. Malware, social engineering, data leakage, and Wi-Fi interference are among the many mobile security risks organizations face, while novel technologies such as generative AI are predicted to create new opportunities for cybercriminals to target mobile devices.
Malicious apps that appear legitimate are cited as one of the top mobile security risks in McAfee’s 2023 Consumer Mobile Threat Report. Cybercriminals are getting better at sneaking their apps into stores, often using encryption to hide malicious code from reviewers or building in delays so malicious content only shows up after passing security tests, according to the report. Some apps download additional malicious code after installation, while cybercriminals can infect legitimate apps by putting their code in third-party code libraries.