Author: Brian Curnutt, Vice President of Partner Development, The Crancer Group
Smartphones and smart devices are being incorporated into both the personal and business life of an individual or an organization, and these mobile devices affect almost all industries across the globe. With such developments and an increase in its information-handling capabilities, the mobile device has increasingly become the target of threat actors. The security of these devices, their applications, and the operating systems related to them is one of the most discussed security issues in the current decade. This whitepaper discusses mobile device security with respect to the application development process and vulnerabilities that may arise in them, along with different testing methodologies (static and dynamic). We will also discuss the protocols laid by OWASP for mobile application security testing that both the white and black box tester need to follow. The whitepaper will also briefly touch upon two of the major operating systems in mobile devices, namely Android and iOS, along with some of the risks and vulnerabilities associated with them and their corresponding applications.