Veracode, Inc. has launched a comprehensive mobile app security verification service . The company also announced the Mobile App Top 10 List to establish an industry-wide security standard to enable organizations to implement application security policies across their mobile app environments.
Veracode currently provides application security verification for RIM’s BlackBerry operating system (OS) and Windows Mobile. Support for Google’s Android OS will be available this quarter with Apple iOS support in coming months. Veracode is accepting all mobile app submissions, regardless of platform, for security verification as part of its extensive beta program.
"More and more enterprises are realizing that 2011 is quickly becoming the tipping point for mobile security issues," said Nigel Stanley, practice leader, IT security, Bloor Research. "For both active and passive attacks ranging from GSM air interface attacks through to the use of Trojan malware to target users, with Veracode I share my intense interest in best practices for mitigating these risks and what steps users, businesses, developers and organizations need to take to secure their smartphones and apps. With this launch, enterprises failing to investigate and act on mobile app security vulnerabilities due to lack of a pragmatic and cost-effective solution are no longer excusable."
"While much has been done in terms of setting standards for the security of web applications, we felt it was necessary to extend the same rigorous framework to mobile," said Chris Wysopal, CTO, Veracode. "In the mobile app market, we see both inadvertent coding errors and intentional, malicious code as security culprits. We strongly recommend industry-wide adoption of the Mobile App Top 10 for the development of apps, as part of an app store vetting process, for acceptance testing of an app, or for use by providers of security software running on mobile devices."