What we do

We assess the security of the app’s functionality and how it interacts with both the mobile device and the remote web services it relies on to retrieve information.

With our deep knowledge and understanding of iOS and Android native mobile app security, we look for security issues associated with data privacy, communications between the app and the web servers, and any vulnerabilities in the actual web services that could lead to unauthorised access to sensitive information.

We test for the most common vulnerabilities found in mobile apps, in line with OWASP’s Mobile risks:

  • Sensitive data leaks
  • Hard-coded passwords/keys
  • Client-side injection
  • Lack of binary protection
  • Insecure transmission of data
  • Insecure data storage
  • Poor authentication and authorisation
  • Improper session handling
