appknox logo

Welcome to the Appknox Blog.

We’re excited to have you here. The intention of this space is to make you aware about how important security is in today’s fast moving world of mobile applications and high-tech devices.

The explosive growth of mobile apps has created an industry of app development where time-to-market is everything. Security has suffered often and, very publicly, insecure apps have leaked payment, banking, and other sensitive user data, to the embarrassment of major brands. Appknox offers peace of mind to brand owners and the developers who create and maintain apps by doing regular security audits of their work, and alerting them to new vulnerabilities as they arise.

True Story

starbucks app

On 16 January 2014, the Starbucks app, the most used application in the US with 10 million customers, was found to be storing user credentials in plain text format. When CNBC reported that user data had been compromised, 3 million people deleted the app from their mobile devices. In 24 hours, the app fell from 4th highest grossing app to number 26. Starbucks scrambled to release an update later that week, too late.

Problem

Research published by Appknox has revealed that 80 out of the top 100 apps in the world’s major app stores have security vulnerabilities. The problem is that mobile app coders tend to be junior, feature-oriented, and inexperienced at secure coding practices. The industry’s stance on security tends to be reactive, only paying attention when a data theft occurs or a vulnerability is disclosed by a third-party hacker. Public embarrassments lead to public backlash, massive and distracting cleanup jobs, a loss of consumer confidence in mobile apps, and possibly even a drop in stock price. All stakeholders are waking up to the importance of security.

Solution

This is where we come in. Appknox scans mobile apps automatically for security flaws, both before and after they are released.

During the development phase : Appknox helps coders by offering a testing API that can be built into their continuous integration process.

At the time of delivery : Appknox helps clients certify work product as part of the acceptance process.

After publication : Appknox scans through app stores, reporting security flaws to the stores, to developers, and to the full-disclosure community.

Users receive automated reports including a score card of vulnerabilities, ranked by severity. This report includes helpful suggestions for developers, and threat scenarios for managers. The scanner works at both the source and the binary code levels.

For the avoidance of doubt, Appknox is not an antivirus company. Viruses may be the oldest and most famous problem in security, but malware is not the only one. Data loss prevention, snooping, and man-in-the-middle content and code injection are just as prevalent and dangerous. Appknox focuses on those.

So, who’s behind Appknox?

Our team comprises of three young gentlemen who are responsible for running the show at Appknox.

appknox team

We’ll share more details soon.

For now, we’d love it if you can subscribe to our newsletter so that we can keep you updated about what happens in the world of mobile security and of course about Appknox as well.