Mobile App Security Testing Brochure

Learn about Kryptowire’s turnkey mobile app security and privacy vetting technology of choice for Fortune 200 companies and government agencies.


Mobile App Security and Privacy Transformational Assessment and Validation

This case study assessed how Kryptowire’s unique, closed-loop automation helped the NHS save considerable time and money.



Tailor Kryptowire’s threat analysis reports to reflect your organization’s unique standards.

Intuitively generate reports in multiple formats, including HTML, PDF, NIAP, JSON, and more.

Automatically scan your store-hosted app when new versions are deployed.


NIST NCCoE Selects Technology Vendors to Collaborate on Mobile Device Security for Enterprises

The MDSE project aims to help organizations across business sectors develop a series of clear and repeatable reference mobile architectures that any organization can adapt and adopt to ease design, accelerate deployment, and build in security for their mobility program from the outset. All products incorporated into the reference design will be standards-based and commercially available products.


U.S. Government Approved Protection Profile – Protection Profile for Application Software

The U.S. Department of Defense requires all managed mobile applications to meet the NIAP Protection Profile for Application Security Software requirements. The scope of this Protection Profile (PP) is to describe the security functionality of application software in terms of Common Criteria and to define functional and assurance requirements for such software. In recent years, software attacks have shifted from targeting operating systems to targeting applications. This has been the natural response to improvements in operating system security and development processes. As a result, it is paramount that the security of applications be improved to reduce the risk of compromise.


NIST Mobile Threat Catalogue

This document outlines a catalogue of threats to mobile devices and associated mobile infrastructure to support development and implementation of mobile security capabilities, best practices, and security solutions to better protect enterprise information technology (IT). Threats are divided into broad categories, primarily focused upon mobile applications and software, the network stack and associated infrastructure, mobile device and software supply chain, and the greater mobile ecosystem. Each threat identified is catalogued alongside explanatory and vulnerability information where possible, and alongside applicable mitigation strategies. Background information on mobile systems and their attack surface is provided to assist readers in understanding threats contained within the Mobile Threat Catalogue (MTC).



Being Static in a Dynamic World

Kryptowire CTO, Alex Lisle, discusses differences between static and dynamic analysis and why a different approach to analysis, particularly in the mobile application world, is important.


Apps That Go Bump in the Night

Kryptowire’s CTO and cybersecurity expert Alex Lisle explains what stalker apps are, how they compromise privacy and security, and some ways to stay safe.


Schrodinger’s iPhone

The traditional approach Apple has taken to security on iOS is interesting. The approach is best summed up as: hide everything. By design, as time has gone on, there are fewer and fewer insights into what your device is doing. This approach was popular about 30 years ago. It was dumb then, and it’s willfully ignorant in this day and age.