Solared Cyber Security reports on critical vulnerabilities in mobile banking apps
Solared Cyber Security has unveiled its analytical report on vulnerabilities in mobile banking apps running under iOS, Android, and Windows Phone. The company has announced that 98% of examined apps contained vulnerabilities, over 40% of which were critical.
This report is based on the results of static and dynamic application security testing made with SolaredAPPscreener, Solared Cyber Security’s innovative code scanner. SolaredAPPscreener is a breakthrough, out-of-the-box code scanner that can be integrated with development environments (such as Eclipse), repositories (github, etc.), and issue trackers (JIRA), easily fitting into the secure software development life cycle (SDLC). SolaredAPPscreener analyzes product codes using SAST, DAST, IAST, and mAST technologies, along with an unparalleled prodSAST that tests apps for vulnerabilities even when software development has been completed.
The report is covering 58 banking apps. The company’s experts assessed both the security of interaction between a mobile app and a web service, and the latter’s secure connection settings.
"During the survey, we focused on the most pressing vulnerabilities that affect mobile banking apps, including Man-In-The-Middle attacks and various security holes, through which hackers steal confidential data of banking system users," said Dan Chernov, Global VP, Application Security at Solared Cyber Security."
The revealed vulnerabilities were sorted by severity and finally ranked, while operating systems were assessed based on number of vulnerable apps detected.
About Solared Cyber Security
Solared Cyber Security is a Cyber Security Company, providing software and managed detection and response (MDR) services to protect critical information from advanced cyber threats. The Company operates globally.
Our approach to Cyber Security is based on the understanding that IT and IS technologies often do not keep up with the advanced threats in the modern rapidly changing world. Therefore, the real security is only possible through the building of a unified cyber security monitoring and management framework. Solared Cyber Security is focusing on this key principle in its development of cyber security technologies.
Our Product Portfolio comprises the application security and insider threat detection solutions which are delivered via cloud and installed on-premise. We designed our products with the following technologies in mind: machine learning, advanced analytics, risky behavior analysis, big data processing, to enhance the effectiveness of protection and the accuracy of threats detection.
Our service portfolio contains: event monitoring and incident detection, threat response and vulnerability management, which provide protection from massive cyber, APT and zero-day attacks.