MAST

Fluid Attacks' Mobile Application Security Testing (MAST) analyzes your mobile application to detect known and zero-day vulnerabilities in it, according to its mobile platform and development framework. In MAST, we combine static (SAST), dynamic (DAST) and manual penetration testing (MPT) techniques throughout your SDLC. With these three methods, we assess your mobile application's code and security controls, considering related standards focused on these apps, such as OWASP MASVS and OWASP Top 10 Mobile Risks, as well as many others for cybersecurity in general. In our assessments we check, among other security requirements, that your mobile application makes appropriate use of the platform's features on which it runs, employs robust encryption algorithms, has strong authentication and authorization controls, and its data is adequately protected for storage and transmission. All this is accomplished with the help of our automated tools in combination with the expertise of our highly certified ethical hackers, who simulate real attacks to achieve continuous, accurate and comprehensive security testing.

These are the benefits of MAST

Minimal false positive rates

Continuous manual assessments by our ethical hackers, experts in pentesting, allow us to significantly reduce the number of false positives reported by our automated tools.

Low false negative rates

SAST and DAST techniques, performed both automatically and manually, allow us to guarantee very low rates of false negatives, contrary to what can be achieved with these methods when they are performed only automatically.

Comprehensive reports

Our red team's manual penetration testing allows for a more thorough recognition of the security issues in your mobile application, which are communicated to you in comprehensive reports that include analytics, evidence and remediation recommendations.

Testing from early stages of the SDLC

Implementing SAST from the moment you write the first lines of code and DAST in internal pre-production environments enables you to remediate vulnerabilities early and save time and money. The cost of remediation during the development phase is 10% of the cost during the production phase.