NowSecure has launched its latest offering, NowSecure Mobile Pen Testing as a Service (PTaaS), to bridge the gap between automated and manual mobile security assessments for continuous security.
Designed to provide mobile developers and security teams with a more cost-effective, efficient pen testing solution, NowSecure PTaaS combines periodic expert manual assessments with automated continuous testing to optimize for full coverage at high frequency rates.
With this combination, the all-in-one portal and service can identify issues earlier in the developer pipeline and provide consulting guidance to resolve security issues and accelerate software to production.
As organizations grapple with recession-tightening budgets in conjunction with the growing threat of mobile cyberattacks, there is an industry need for a cost-efficient, high-frequency, high-coverage mobile Apsec testing solution. According to Coalfire and NowSecure’s 4th Annual Penetration Risk Report, 99% of mobile applications have security or privacy risks.
By integrating NowSecure Mobile PTaaS, CISOs and security leaders can manage their pen testing budget while prioritizing continuous, full coverage security testing. Built on more than 12 years of mobile application security experience and thousands of pen tests performed, the NowSecure Mobile PTaaS cloud-based platform offers a depth of automated continuous and manual assessments, including:
- Periodic expert pen testing based on specific needs and schedule
- On-demand and continuous security testing integrated into the CI/CD and dev toolchain
- Automatic generation of tickets containing embedded correction resources
- Treatment consultation with an expert pen examiner
- Optional Industry Standard(s) Certifications and Certifications
- All in one SAST, DAST, IAST, APISec, and SBOM
- Easy-to-use, dedicated SaaS platform
“Mobile apps are critical to business because they generate revenue and connect with customers. Ongoing financial and market pressures are forcing companies to find ways to reduce costs without sacrificing speed or security,” said Alan Schneider, CEO of NowSecure.
“NowSecure Mobile PTaaS helps solve these challenges through continuous automated and periodic manual security testing with a depth of coverage to ensure a safe, secure mobile app is built – all at less than the cost of a single outsourced pen test.” , Snyder continued.
NowSecure Mobile PTaaS delivers maximum value to developer and security team budgets, providing on-demand and scheduled pen testing when needed and automated continuous testing for DevSecOps pipelines that align with any risk and security policy. NowSecure PTaaS starts at $18,000 per mobile app binary per year for unlimited automated continuous security testing and four quick pen tests.
NowSecure PTaaS offers a flexible mix of four pen testing options (rapid, targeted, full scope and OWASP MASVS certification), a wide choice of pen testing frequency and four continuous automated security testing options to meet any need efficiently and effectively.
To streamline the improvement process and speed shipping software, all manual and automated assessments include embedded developer improvement resources including problem descriptions, testimonials, maintenance instructions, code samples and links to documentation. In addition, NowSecure expert pen testers partner with security and development teams to consult on remedies.
After vulnerabilities are remedied, retest automation and services are incorporated to confirm mitigations and reinforce confidence that the mobile app is safe, secure and ready for production deployment.
Customers can customize their packages to include more frequent testing options and choose to add compliance-based assessments for a nominal fee to ensure their application meets the highest industry-set standards. Through the NowSecure Platform Portal, customers can receive standards-based assessments on certifications for OWASP MASVS, ADA MASA for Google Play, ioXt Compliance Testing and NIAP Compliance Check.
NowSecure is an ADA authorized lab, an ioXt Alliance authorized lab for IoT-connected and VPN-connected mobile apps, and an OWASP MASTG advocate. NowSecure is a pen testing provider that provides OWASP MASVS pen testing for full MASVS L1, L2, L1+R, and L2+R.
“Application development and security teams strive to deliver secure software quickly to market, balancing speed and managing risk,” said Michel Abraham, research director, security and trust at IDC.
“To address pen testing challenges of cost, frequency and coverage, we are seeing a growing trend towards pen testing as a service. PTaaS solutions provide a blend of continuous automated security testing and in-depth manual pen testing that brings together the best of both worlds,” added Abraham.
NowSecure Mobile PTaaS joins the full suite of mobile app security solutions from NowSecure, including NowSecure Platform for Automated Security Testing, NowSecure Workstation Kit for Pen Tester Productivity, NowSecure Supply Chain Risk Management, NowSecure Pen Testing Services, and NowSecure Academy Training Courses. Teams.
Built on standards and automation, NowSecure empowers organizations to deliver mobile apps faster and continuously monitor their mobile app supply chains for risk at a lower cost. Mobile innovators trust NowSecure to secure their mobile apps, including AT&T, Caribou Coffee, Chime, iRobot and Uber.
