–News Direct–
NowSecure, the leader in mobile security and privacy testing, today raised the level of protection available to safeguard enterprise mobile app portfolios with the industrys first automated solution for the OWASP Mobile Application Security Verification Standard (MASVS) version 2.1. Available from within NowSecure Platform, customers can comprehensively test to the MASVS v2.1 industry standard easily demonstrating to stakeholders that their mobile apps uphold the highest levels of security and user privacy.
The OWASP MASVS v2.1 serves as the global standard for mobile application security and defines a set of requirements and best practices for secure mobile app development. It includes a new category supported by the NowSecure Platform, MASVS-PRIVACY. These controls provide mobile app development and security teams with much-needed visibility into the privacy implications of their mobile apps to meet app store requirements and meet the challenge of the intensifying scrutiny of the U.S. Federal Trade Commission (FTC).
"With the new privacy category, we're now able to address cases not covered by traditional security testing, said Carlos Holguera, OWASP MAS project lead and senior mobile security research engineer for NowSecure. The support inside NowSecure Platform is critical for our customers."
While data security focuses on protecting data from unauthorized access, privacy focuses on the rights of users regarding data collection, processing, storage and sharing. For example, imagine that an app transmits encrypted data securely, but that data contains highly sensitive personal information thats sent to outside parties without user consent. The new privacy controls ensure this and other privacy failures are prevented, Holguera explained.
The new OWASP-MASVS v2.1 controls featured in NowSecure Platform include:
- MASVS-PRIVACY-1: Minimizes access to sensitive data and resources
- MASVS-PRIVACY-2: Prevents user identification
- MASVS-PRIVACY-3: Ensures/promotes transparency in data collection and usage
- MASVS-PRIVACY-4: Provides user control over personal data
As an OWASP MAS Advocate and industry leader, NowSecure has extensively contributed to the OWASP Mobile Application Security Project (MAS) and championed creation of OWASP MASVS-PRIVACY. "This new category is the result of extensive expert-driven research across the industry. It aligns with, and goes beyond the shift toward protecting user privacy started by Apple and Google, said Holguera.
Security and privacy go hand in hand in new OWASP MASVS findings and report in NowSecure Platform and the NowSecure OWASP MASVS Pen Testing Service leverage best-in-class test automation and expertise to ensure that your app remains fully compliant across all eight MASVS domains:
- MASVS-STORAGE
- MASVS-CRYPTO
- MASVS-AUTH
- MASVS-NETWORK
- MASVS-PLATFORM
- MASVS-CODE
- MASVS-RESILIENCE
- MASVS-PRIVACY
NowSecure recently published a benchmark report revealing 95% of mobile apps fail to meet the OWASP MASVS v1.0 standard and released a guide on common secure coding mistakes, helping developers bridge the gap and enhance their security practices.
The NowSecure Platform OWASP MASVS report delivers a concise view of passed and unmet requirements and indicates if a requirement needs manual review. Mobile app security, development and GRC teams can consult the report to quickly identify areas of improvement for their mobile app testing programs. Once the app meets the MASVS v2.1 requirements, NowSecure Platform can also generate a letter of attestation to demonstrate that the app is secure and respects user privacy.
The new OWASP MASVS report will be available to NowSecure Platform customers, allowing them to incorporate the latest advancements in mobile app security and privacy testing within their development workflows. To experience NowSecure Platform and benchmark your mobile apps against the OWASP MASVS, request a demo today.
About NowSecure
As recognized experts in mobile security and privacy, NowSecure protects the global mobile app economy and safeguards the data of millions of mobile app users. Built on a foundation of standards, NowSecure empowers the worlds most demanding organizations with security automation to release and monetize 30% faster, reduce testing and delivery costs by 30% and reduce appsec risk by 40%. Only NowSecure offers a full solution suite of continuous security testing for DevSecOps, mobile app supply-chain monitoring, expert mobile pen testing as a Service (PTaaS), and training courseware. NowSecure actively contributes and supports the mobile security open-source community, standards and certification including OWASP MASVS, ADA MASA, and NIAP, and is recognized by IDC, Gartner, Deloitte Fast 500, and TAG Cyber.
Contact Details
Jon Brody
Company Website
View source version on newsdirect.com: https://newsdirect.com/news/nowsecure-unveils-first-automated-owasp-masvs-v2-1-mobile-app-security-and-new-privacy-testing-206599761
NowSecure
COMTEX_451669338/2655/2024-04-30T13:28:55
Disclaimer: The views, suggestions, and opinions expressed here are the sole responsibility of the experts. No State Today USA journalist was involved in the writing and production of this article.