Mobile Center of Excellence

Our Mobile Center of Excellence Team conducts ongoing research to ensure we stay ahead of the mobile threatscape and can deliver timely and effective assessment and training solutions to our clients. Topic areas we cover include:

  • Recent attacks on the mobile platform
  • New Mobile OS versions and protocols and the new threats they create
  • Firmware, hardware, and other infrastructure components that interact with mobile applications
  • Mobile standards and regulations like OWASP Mobile Top Ten and NIST mobile device security standards
  • Vulnerabilities in publicly known applications
  • New tools that can be used for testing mobile applications

Our Mobile Experience

Security Innovation has delivered mobile security assessments and training to organizations that range from Fortune 50 companies to a 5-person start-up. Our client list includes prominent software vendors, cloud infrastructure providers, financial services companies, mobile device and consumer electronics manufacturers, and retail and e-commerce giants, and a bitcoin broker.

We offer (and have conducted) the following types of mobile security assessments for iOS, Android, Blackberry, and Windows Mobile platforms:

  • Security Code Review
  • Penetration Testing
  • Code-assisted penetration testing
  • Backend API Tests
  • Device anti-tampering testing
  • Architecture and Design review
  • Software Security Training
  • Secure SDLC analysis
  • Attack surface analysis and reduction

We have performed deep mobile assessments for our customers where we conduct complex attacks on software, devices, and back-end systems including the following areas:

  • Banking, social networking, gaming, ERP, e-voting and speech recognition applications
  • Mobile/cloud services
  • Mobile development frameworks
  • Biometric verification systems
  • NFC firmware
  • Mobile Security Training

The expertise obtained from our ongoing research and assessments is vetted and incorporated into our Mobile Security Hackerthon and eLearning courses that cover defensive coding in iPhone, Android, Objective-C (for iOS) and Java (for Android).