McAfee evaluates the security of its mobile applications

The development of mobile applications has grown with the massive reception of mobile operating systems with Android and iOS. With around 5,135 million smartphone users at the end of 2018, there is a growing demand for smartphone applications, including banking and commerce. There are more than 2.1 million applications available in both the App Store and Google Play and they have already been downloaded 130 billion times. Many companies rush to develop new applications or carrying old applications that work with smartphones. These applications often deal with personally identifiable information (PII), credit card and other confidential information. The McAfee Strategic Security Services mobile application evaluation service helps customers protect their mobile applications.

McAfee experts at your fingertips
McAfee has led the mobile application evaluation space since day one. We have published several white papers and articles on this subject, which are published on our website. Not only have we written articles, but we have also created and launched several free tools in this field, such as iOS Keychain Analyzer, Hacme Bank Android, SQLiteSpy, amongst others.

An important part of McAfee's success is having developed a detailed methodical approach to mobile application evaluation (MAA) to ensure that we are effective, efficient and repeatable. Our customized methodology allows the process to be consistent across all our evaluators, while allowing them to be creative and leverage their "Hacking" skills. Our mobile application testing process consists of more than one hundred specific mobile checks. The leaders of the McAfee Strategic Security Services are constantly involved in ongoing investigations to update our vulnerability checklist and keep it updated with the rapid evolution of the threat landscape.

Our detailed methodology covers different security categories:
✔Configuration Management
✔User and session management
✔Data validation
✔Error handling and exception management
✔Data protection
✔Cleaning and reverse engineering

✔We find security gaps in mobile production applications before hackers, by running tests on applications downloaded directly from the App Store or Google Play.
✔We can also perform a safety assessment as mobile applications move from UAT to production.
✔We understand your risk and the potential impact on your business and use it for our risk calculation
✔Our proprietary and updated mobile application testing process consists of more than one hundred specific controls for mobile devices
✔Our training program, comprehensive methodology and strict quality control ensure almost no false positive
✔We actively transfer knowledge of test techniques, problems and remediation to our clients.