alexwhite19800
asked on
Different types of mobile security tests
Hello
We have a mobile application that we'd like to security test.... The app runs on iOS and android
I understand there are static tests, dynamics tests, manual tests and so on. Does anyone have an explanation or link to what these actually mean? Also some test the server side component and some the client side. Then there are vendor names like veracode that I'm not sure refer to type of test or vendor that can do multiple
We have a mobile application that we'd like to security test.... The app runs on iOS and android
I understand there are static tests, dynamics tests, manual tests and so on. Does anyone have an explanation or link to what these actually mean? Also some test the server side component and some the client side. Then there are vendor names like veracode that I'm not sure refer to type of test or vendor that can do multiple
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The key difference is this should the test scope to validate wearing attacker mindset to search for one gap and further exploit from there onwards to the severity of the gap collectively for the whole test.
It is more fruitful as an integrated test with you mobile apps being implemented, provisioned for download and the subsequent usage on the user mobile device. This test is also referred to in many compliance requirement like the latest PCI DSS 3.2.