Julian Evans
245 followers
Mobile Security Specialist at AppSecTest

IT and compliance consultants will no doubt be aware of the different aspects of GDPR. One aspect of GDPR that is somewhat overlooked by organisations I speak with is the ability to validate the mobile app codebase for GDPR Articles 25 & 32 regulatory compliance.

It’s important that organisations know that validating the mobile app codebase allows them to analyze for insecure code and that it might lead to data leakage and other non-compliance issues in the SDLC and distribution process.

There is also the issue of mobile app non-compliance in the cloud, where apps send their data back to an insecure cloud storage. Some organisations I speak with believe, wrongly, that compliance in the cloud will also lead to compliance with their apps.

Now IT and compliance consultants have this knowledge, why not consider a technology that provides mobile app non-compliance information in the SDLC to your clients?

Mobile App Developers/organisations: Increasing confidence in the mobile app codebase involves identifying defects early, as well as testing for common security issues and risks in the software development lifecycle (SDLC).

An ability to write and remediate secure code faster and more accurately and provide guidance (and improve training) with regulatory compliance allows developers to focus on building leading edge mobile apps.

We want developers to own not only the quality assurance but also the security of their code. We also want developers to have increased awareness of regulatory compliance, especially when it comes to GDPR Article 25 privacy by design. Developers and the organisations they work for deserve nothing less.

Mobile app developers know that it's all about coding quality. In other words, does it compile or not? So, having that robust software development lifecycle is important if you want to identify and understand why the code has failed as well as being both cost-effective and time-efficient. So why is it that we see so many mobile apps both on Android and iOS with coding and compliance issues?

Gartner’s April 2017 Mobile Application Security Testing market guide found that 60 percent of respondents reported a data breach resulting from an insecure mobile app and 64 percent of respondents were found to be concerned about a vulnerable mobile app in the workplace.

It’s apparent that Mobile DevOps will no doubt drive the need for automation and speed for SAST, DAST, behavioural testing and IAST types of analysis. AppSecTest (ASAnalyzer) also received a mention! #appsectest #asanalyzer

Mobile App Developers/organisations: Increasing confidence in the mobile app codebase involves identifying defects early, as well as testing for common security issues and risks in the software development lifecycle (SDLC).

An ability to write and remediate secure code faster and more accurately and provide guidance (and improve training) with regulatory compliance allows developers to focus on building leading edge mobile apps.

We want developers to own not only the quality assurance but also the security of their code. We also want developers to have increased awareness of regulatory compliance, especially when it comes to GDPR Article 25 privacy by design. Developers and the organisations they work for deserve nothing more.

Identify and validate the mobile app codebase with ASAnalyzer for security and privacy implementation and #GDPR issues. #android #iOS

ASAnalyzer for #Android report: Yahoo Mail has over 30 security coding issues that require validation as well as using over 100 URLs. #GDPR

Julian Evans and Adam Jennings of .@asanalyzer join the #dpconf17 to talk about data privacy issues with mobile apps. https://t.co/OAsXm6HrNX