Are your DIY mobile apps leaving you exposed?

Mobile app development techniques make use of many open source libraries. While this is an efficient way to crank out apps quickly and save dev time and resources, it can lead to apps that compromise your corporate security posture. Even the most security-conscious companies can fall victim to these DIY apps.

Avast Mobile Enterprise helps limit the damage from these flawed apps by keeping the data behind the firewall in your private or public cloud infrastructure, protecting the mobile backend from the wider internet where attacks can occur.


Avast Virtual Mobile Platform protects enterprises from malware, data leakage, insider threats and other datajacking attack vectors.

  • Your vulnerabilities that expose your mobile app to datajacking
  • A custom report that demonstrates how hackers can exploit these vulnerabilities
  • How virtual mobile infrastructure can limit exposure to these threats

Here's a sample of the vulnerabilities we look for:

  • Security of SSL/TLS Deployment – Identifies issues in SSL/TLS including man-in-the-middle detection, certificate pinning, transport layer security extensions and configuration options, certificate authority root validation, and incorrect use of embedded certificates and private keys.
  • Insecure storage of sensitive information – Assesses the handling of stored personal and private information by apps and by the APIs connecting apps to back-end servers.
  • Insecure uses of cryptography – Evaluates the security of the deployment and underlying cryptographic algorithms in mobile apps, in transit and at rest.
  • Insecure Server API Authorization/Authentication mechanisms and credential storage – Identifies flawed, non-existent or weak authentication methods that expose sensitive user information.
  • Server API Web-related vulnerabilities – Identifies common web app vulnerabilities present in back-end/cloud services connected to the mobile app including SQL injection, cross-site scripting and cross-site request forgery.

