Does "Rapid and Mobile" Always Mean Vulnerable?

WhiteHat Security has released its Sentinel Mobile application assessment solution to target the mobile app testing market, capable of testing "on device" or when applications reside on a server.

The software provides "accurate and actionable" application vulnerability information across today's increasingly rapid software development lifecycle (SDLC).

The firm already produces the "non-mobile" WhiteHat Sentinel to assess, verify, and report code-level flaws in applications that are in a state of current fluid development or are in postproduction deployment.

"Mobile is clearly accelerating businesses' application development practices as it replaces the 'traditional' web, but mobile security until now has not kept the needed pace to mitigate the added risk," said Stephanie Fohn, CEO of WhiteHat Security. "With Sentinel Mobile, we are offering an advanced, platform-agnostic solution to evaluate all facets of in-house or third-party mobile applications, regardless of device or OS."

"Mobile application security has seen too much confusion and fragmentation and not enough focus on where the heart of security problems truly lie," said Jerry Hoff, vice president, source code analysis division, WhiteHat Security. "The majority of mobile application problems live on the server-side and go unnoticed or untreated, creating even more attack surfaces to exploit."

The Sentinel Mobile service can continuously scan all iOS, Android or other mobile apps in their environment; evaluate device- and server-side code, both static and dynamic (and correlate the results); and identify application-specific vulnerability trends to improve developer practices.