Learn the Bishop Fox approach to assessing mobile applications.
Bishop Fox’s mobile application assessment methodology identifies security weaknesses in mobile applications and infrastructure.
These zero-, partial-, or full-knowledge assessments begin with the enumeration and analysis of applications deployed within an organization’s infrastructure. Next, the assessment team uses industry-standard and internally developed tools in conjunction with expert-guided testing techniques to locate mobile-application security deficiencies. After identifying vulnerabilities, the team conducts manual exploitation of the catalogued weaknesses with the intent to compromise sensitive data, credentials, and systems on both the client device and server sides of a mobile deployment.
The assessment concludes with a detailed reporting of all security issues discovered within the target environment alongside comprehensive remediation recommendations and steps.
This Methodology document provides an overview of the following assessment process phases:
- Discovery and Testing
- Analysis and Reporting