The State of Mobile App Security

Nov 05, 2015 By Amit Ashbel

The mobile application industry is growing at an explosive pace, yet mobile application security is lagging behind. Incidents of mobile application hacking have increased exponentially as attackers and attacks have evolved, using both new and well-known methods of attack to infiltrate apps and collect as much data as possible. The impact on businesses and end-users is growing exponentially.

With more than 1.5 million apps available in the two main app stores, Apple and Android, and hundreds of billions of downloads to date, the mobile landscape has quickly become the main playground for hackers and attackers.


Mobile applications are used for practically anything today. We use personal apps that store our PII (personally identifiable information), medical applications used within hospitals to store patient information and dole out meds, and financial applications where users pay bills, transfer money and check balances. The need for secure applications has never been clearer.


When it comes to security, there are numerous vendors who attempt to provide a way to detect any risks on the device or within the application itself. Due to the mobile operating system's sandbox environment, there is only so much that a security application can do. Signature detection of malware and jailbreak/rooting detection are probably the best these vendors can do to protect your data. However, as long as the security vendors play by the rules enforced by iOS and Android (and on iOS they are forced to do so), attackers will continue to have the upper hand and these protections can be easily circumvented.


Thus, it boils down to ensuring secure development as you create your app. Building apps with security in mind and ensuring secure authentication, data storage, encryption, input validation and availability are just a few of the tasks a mobile app developer must face.


The State of Mobile Application Security report created by AppSec-Labs and Checkmarx defines 7 Deadly App Development Sins and delivers a comprehensive report describing the state of Mobile Application development and the risks discovered.
By analyzing both iOS and Android applications, the research also sheds some light on the claim that iOS apps are more secure than Android apps.



Think iOS Is Safer than Android? Think Again!

We analyzed hundreds of popular applications across all verticals and discovered alarming results which have to be addressed by the mobile development industry.

View the full report here


Amit Ashbel

Cyber Security Evangelist at Checkmarx
Amit Ashbel has been with the security community for more than a decade where he has taken on multiple tasks and responsibilities, including technical and Senior Product lead positions. Amit adds valuable product knowledge including experience with a wide range of security platforms and familiarity with emerging threats. Amit also speaks at high profile events and conferences such as Blackhat, Defcon, OWASP, and others.
