1. Latest News
  2. Submit Press Release
  1. PR Home
  2. Latest News
  3. Feeds
  4. Alerts
  5. Submit Free Press Release
  6. Journalist Account
  7. PRNewswire Distribution
Paladion Networks Logo

Paladion Launches AppSec Tools For Mobile Enthusiasts

"InsecureBank", Vulnerable Andriod application developed by Paladion, is made for security enthusiasts and developers to learn the android insecurities by testing this vulnerable application.

FOR IMMEDIATE RELEASE

 
PRLog (Press Release) - Apr. 18, 2012 - PALADION LAUNCHES APPSEC TOOLS FOR MOBILE ENTHUSIASTS

BENGALURU, APRIL 18, 2012: Paladion has recently launched Application Security tools for mobile enthusiasts. The tools, ‘InsecureBank’ and ‘Automation Script’ has been hosted and are available at free of cost in www.paladion.net.

Paladion's Vulnerable Andriod application named "InsecureBank" is made for security enthusiasts and developers to learn the android insecurities by testing this vulnerable application. The server component is written in python. Some key vulnerabilities that can be learnt using this application are:

o   Information Sniffing due to Unencrypted Transport medium
o   Sensitive information disclosure via Property Files
o   Sensitive information disclosure via SD card storage
o   Sensitive information disclosure via SQLite DB
o   Sensitive information disclosure via Device and Application Logs

In addition, Paladion's Mobile Security Team has developed an automation script which is helpful in quick static analysis of Android Vulnerabilities. The script is a batch file, which prompts the user to provide the path of the android application code to be analysed. The script has detection parameters pre-configured in it which run over the android application code. The result is a list of text files - one each for different vulnerability. These text files are the primary source of vulnerability identification. Sometimes it may not directly flag off vulnerability but may act as the pointer from where to start with. This script is very useful in case of bigger applications.

List of key Checks that that the Script would be testing for:

o   Code to check for presence of HTML Sensitive Information
o   Code to check for insecure usage of SharedPreferences
o   Code to check for possible TapJacking attack
o   Code to check usage of external storage card for storing information
o   Code to check for possible scripting javscript injection

The tools can be downloaded at: http://www.paladion.net/paladionlabs.html


For further information pls contact:  piyali.guha@paladion.net

About Paladion-

With a global footprint across 30 countries, Paladion is a specialized and strategic partner for information risk management to leading organizations across industries including, BFSI, ITES, Telecom, Manufacturing. It is the largest and the fastest growing pure-play information security player in Asia (as ranked in Deloitte Technology Fast 500 Asia Pacific & Technology Fast 50 India - 2006, 2007, 2008, 2009, 2010 & 2011). Gartner too has included Paladion in its rating of “MarketScope for Managed Security Services in Asia Pacific” – 2008 & 2009 as ‘Promising’ player and as a ‘Positive’ player in 2010 & 2011.

Having over a decade of experience in the information risk management domain, Paladion today is actively managing risks for over 700 customers. Paladion provides end-to-end information risk management solutions comprising security assurance, compliance, governance, monitoring and management services to large and medium sized organizations for existing as well as emerging risks.

Paladion also offers solutions for communication interception to law enforcement agencies and service providers. Paladion’s information risk management solutions have been awarded by Asian Banker, Red Herrings, and Financial Insights. Paladion has been recognized in the SI 100 Top 10 Enterprise Security Companies 2011. Paladion is involved in several information risk management research forums and has authored books on the same. The whitepaper, Phishing Threat Intelligence Report H1 2011 by Paladion Labs, has been awarded the Global Excellence Award 2012 by Info Security Products Guide.


Please visit www.paladion.net for more information

-End-

# # #

Paladion provides end-to-end information risk management solutions comprising security assurance, compliance, governance, monitoring and management services to large and medium sized organizations for existing as well as emerging risks.

--- End ---

Click to Share

Contact Email:
***@paladion.net Email Verified
Source:Paladion Networks
Phone:+91 80 42543444
Zip:560078
City/Town:Bangalore - Karnataka - India
Industry:Technology, Security, Mobile
Tags:mobile, mobile security, mobile apps, android apps, Paladion, managed security, security testing
Shortcut:prlog.org/11852474
Disclaimer:   Issuers of the press releases are solely responsible for the content of their press releases. PRLog can't be held liable for the content posted by others.   Report Abuse

Latest Press Releases By “

More...

Trending News...



  1. SiteMap
  2. Privacy Policy
  3. Terms of Service
  4. Copyright Notice
  5. About
  6. Advertise
Like PRLog?
9K2K1K
Click to Share