Apcerto assesses, normalizes and provides a security rating with supporting advice and recommendations for mobile applications. Our testing is based on both predefined standards and customized tests that are designed around each app’s architecture, use cases and the current threat landscape. Our holistic testing platform provides security frameworks for orchestrating the entire mobile application security process.
Apcerto’s current mobile app security certification solution performs critical security validation of Android and iOS mobile apps as measured against the National Information Assurance Partnership (NIAP) Mobile Application Protection Profile (PP).
In addition, Apcerto’s testbed can perform automated normalization of results to any other industry leading standards including the Open Web Application Security Project, the Health Insurance Portability and Accountability Act, the Sarbanes–Oxley Act, or a yet to be defined set of criteria as applicable to the customer’s mission.
Secure, Omni Channel Application Development
Apcerto’s Mobile App Factory (powered by Kony) is a structured collection of related software assets, operational models and methodologies that aid in the production of secure mobile applications at scale with efficiency and ease.
Apcerto defines and provides mobile industry technical guidelines, standards and best practices along with supporting documentation with the goal of empowering the Customer to best leverage current and future mobile opportunities.
Apcerto’s app security platform is embedded into app development throughout the three App Factory phases: Setup, Run and Build. Throughout all three phases, Apcerto focuses on app security, utilizing its built-in holistic mobile app security platform.
App Security Process Management
Apcerto orchestrates a seamless and automated workflow:
- From app conception, to:
- Secure app dev in an agency-branded component marketplace (with reusable elements),
- Distribution and
- Continuous monitoring.
Apcerto’s goal is to automate every aspect of an app’s lifecycle to the maximum extent. By linking app development, security and mobility management, Apcerto helps customers achieve the efficiency, reliability and cost-effectiveness needed to keep up with the mobility and security needs of today’s complex enterprises.
Customer Discovery Service
As a part of the discovery phase, Apcerto works with each customer closely to fully understand its mission, role and daily business operations and mobility needs. Through 1:1 interaction, Apcerto will identify the customer’s operational and strategic needs and provide a gap analysis that reveals strengths and weaknesses within the existing mobile app security infrastructure.
With this analysis as a guide, Apcerto will walk the customer through a build or buy decision making process.
Policy Creation/Definition Support
Apcerto helps agencies and enterprises create custom security policies, standards and criteria to meet their mission-specific needs in the face of every-day cyber security challenges.
Apcerto’s expertise, capabilities and consultancy services help define and develop agency-wide Mobile Application Security Policies and Processes. Through a series of defined steps, Apcerto creates a customer mobility/security vision and then brings it to life.
Every app’s security lifecycle includes a need for operational monitoring. In addition to secure design at implementation and upon initial deployment, on-going operations must also be monitored closely for new exploits as a result of software bugs and architectural flaws.
Apcerto provides ongoing briefs that outline vulnerability information, exploits discovered, andpatches required to ensure continuous app security.
Apcerto normalizes and rates mobile applications based on predefined standards. Apcerto’s patented Bayesian Classifier, designed to produce a unique threat model based on machine learning, projects the probability of an attack or intrusion based on the mobile app’s design and configuration.
In addition, Apcerto’s security technology employs static and dynamic analysis, performed by any number of commercial and/or open source app vetting tools, and through its risk rating algorithm, will aggregate the results into a comprehensive vulnerability assessment and risk score. This results in higher detection of malware and actionable mitigation responses to threats and provides security analysts with a detailed report with guidance for app remediation.