Appknox - Banking Sector


Mobile Application Security Testing

Security Scenario
PAST SCENARIO

1. No one took security seriously.
2. Security was considered a luxury.
3. Only after huge data breaches (the Billion Dollar Heist, Axis Bank App and the SBI Buddy App, to name a few) did companies begin to realize and take cyber security seriously.

CURRENT SCENARIO

1. Companies are now beginning to adopt cyber security as a part of their business strategy, using different security services and tools to help keep up with increasing threats.
2. There is a vast unexplored territory in cyber security that many of us don’t know about.
3. With every new innovation in technology, newer channels of exploitation are being paved every day.

FUTURE SCENARIO

1. With so many niche spaces in technology having opened up, a generalist approach doesn’t cut it anymore.
2. Mobile application is a niche in itself, a very vast one, and is innovating every day.
3. More and more users are being influenced to use apps each day.
4. Only specialists and experts in this space can help ensure complete security.

Appknox Enterprise Offerings 2


Appknox: Mobile Security Specialists
Appknox helps different companies and especially banks automate their mobile security
testing with an easy plug and play platform.

What does this mean for Banks?

Increased productivity of current


Lesser spend on additional Faster time to market
team

Hassle-free and detailed reporting with a personalized dashboard to manage all threats detected.

Expert insights to ensure complete mobile application security.



Banks we have worked with



Banking Engagements
Indian Banks Fintech & Outside India Banks



Appknox Mobile Security Offerings

Static AST
Dynamic AST
Manual AST
Mobile API
SDK
Complete Server-side Testing

A few enterprise businesses we work with

How Appknox Works

1. Upload APK/IPA
2. Static Application Security Testing
3. Dynamic Application Security Testing
4. Application Program Interface Scan
5. User Behavior Analysis
6. Detailed Report Generation

Key Features

Continuous Integration
Compatible with iOS, Android & Windows
Total of 115+ Test Cases
Binary Based scan
Compliance checks like PCI-DSS, HIPAA

Static Application Security Testing (SAST)

1. Upload your APK/IPA.
2. Our fully automated system scans your app for basic configuration issues.
3. Get detailed reporting of all your threats with suggestions on how to fix them.

Configuration Check
SDKs/Libraries Check
Compliance Check
CVSS Scoring



Dynamic Application Security Testing (DAST)
Server

Application Logs
Insufficient Transport Layer Protection
Derived Crypto Keys
Insecure Hashing Algorithms

App

WebView Exploits
Memory Leakage Check
Network Layer Analysis
Insecure Data Storage


API Testing
Our fully automated API scanner attempts to break into your server to discover vulnerabilities
so you can plug them before the bad guys exploit them.

Buffer Overflow
Command Injection
JSON Parser Depth Limit
String Validation
SQL Injection
CORS Wildcard
And many more…

100+ test cases categorized into 9 distinct groups
Total security of webserver, database and its implementation
On-demand scanning with the push of a button from your dashboard



Deployment Options
Transforming One of the Largest Global FMCG
Company’s Mobile Security Automation Landscape
to Increase Productivity by 120%
Context and Company Profile:
The multinational consumer goods company owns 400+ brands and has over 300 mobile apps for customer engagement, internal business operations and business communications. It has a total of 172,000 employees and recorded over €53 billion in revenue in 2015.

Challenges:
The company runs more than 300 mobile apps on a global scale and has a shared services security team located in India. They faced the following challenges:

Security clearance pressure from global teams:

With 400+ brands and 172,000+ employees, the company’s security team had multiple app clearance requests, which they found very difficult to keep up with in a short span of time.

Appknox ROI to businesses

Save time and recover expenses right from the first scan.

A cumulative saving of over $1 million per year for all our clients.

Save $500 with each scan performed by your security researchers.

Slash mobile security testing cycles by 50% using Appknox's automated security testing solution.

One of the world's largest global FMCG companies went from scanning 25 apps to 50 apps and then 400 apps in a year's time using Appknox without adding any additional headcount.
