WhiteHat Security has released its Sentinel Mobile application assessment solution to target the mobile app testing market, capable of testing "on device" or when applications reside on a server.
- DDoS Mitigation - Best Practices for a Rapidly Changing Threat Landscape
- Key Components Of Your Resiliency Strategy
- State of Cloud 2011: Time for Process Maturation
- SaaS 2011: Adoption Soars, Yet Deployment Concerns Linger
- Agile Service Desk: Keeping Pace or Getting out Paced by New Technology?
- Inside Threats: Is Your Company at Risk?
The software provides "accurate and actionable" application vulnerability information across today's increasingly rapid software development lifecycle (SDLC).
The firm already produces the "non-mobile" WhiteHat Sentinel to assess, verify, and report code-level flaws in applications that are in a state of current fluid development or are in postproduction deployment.
"Mobile is clearly accelerating businesses' application development practices as it replaces the 'traditional' web, but mobile security until now has not kept the needed pace to mitigate the added risk," said Stephanie Fohn, CEO of WhiteHat Security. "With Sentinel Mobile, we are offering an advanced, platform-agnostic solution to evaluate all facets of in-house or third-party mobile applications, regardless of device or OS."
"Mobile application security has seen too much confusion and fragmentation and not enough focus on where the heart of security problems truly lie," said Jerry Hoff, vice president, source code analysis division, WhiteHat Security. "The majority of mobile application problems live on the server-side and go unnoticed or untreated, creating even more attack surfaces to exploit."
The Sentinel Mobile service can continuously scan all iOS, Android or other mobile apps in their environment; evaluate device- and server-side code, both static and dynamic (and correlate the results); and identify application-specific vulnerability trends to improve developer practices.