Widespread and consistent growth of mobile devices demand a quick approach to application development. This approach causes developers to overlook security practices and generates a growing numbers of security incidents and vulnerabilities. Blue Frost Security's experience shows that only a small percentage of mobile developers pays appropriate attention to the security of their applications. Most mobile software is developed insecurely and possesses various levels of risks for user data and devices as well as for application servers.
Regardless to the mobile platform standard (iOS, Android, Windows and Blackberry), Blue Frost Security approach to mobile application security assessment covers both server and client-side analysis including, but not limited to the vulnerability classes from OWASP Mobile Top 10. According to our testing methodology, all application areas from handling user input to cryptography and secure local storage should be analyzed.