Our solution for your app security!
Are you looking for a time-saving app security solution to evaluate the risk potential of your deployed mobile apps and ensure the protection of your mobile devices? APPVISORY offers exactly that and more.
We analyse. You decide.
APPVISORY is a solution that enables you to decide on the use of mobile applications within your company based on modern testing and analysis procedures. APPVISORY alerts you to risk potentials such as insecure data connections, third-party access and malware. You decide which security factors are relevant for your company or individual user groups within your company and optionally integrate the test results into your existing Mobile Device Management (MDM).
App Security with APPVISORY
App Risk Management
- Security classification of the top apps from the commissioned commercial app stores
- Intuitively understandable security classification of apps in the APPVISORY ® evaluation procedure
Mobile Threat Detection
- Identification of vulnerabilities and risky app behavior
- Detection of malware through generic and heuristic scanning methods
Mobile Device Management Integration
- Automatic connection to leading MDM software
- Scan of the app portfolio created in the MDM against the APPVISORY database
- Transfer of an app portfolio to the MDM Whitelist/Blacklist
App Scan Catalog
- Extensive app catalog of continually tested apps
- Automatic review of each app update
- For Android and iOS
- Development, service und hosting in Germany
- Administrator access for APPVISORY ® management console via web-login
- Export of individual test results and applists as CSV, JSON and PDF
Black- & Whitelisting
- Automatic or manual selection of apps for the creation of a basic Whitelist/Blacklist
- Automatic synchronization of changed risk ratings of apps due to updated results
Using static and dynamic analysis, APPVISORY screens mobile apps to identify vulnerabilities as well as risky behavior.
Violations against Data Protection Regulations
Invalid general terms and conditions and data privacy policies
Data storage in the cloud
Uncontrolled dataflow to non-company servers
Mobile Threat Detection detects malware and other threats
Violation of data privacy
Access to personal data
Violation of Data Security
Insecure data transfer and prohibited server locations
Unsafe data storage on the device
Unsafe storage of sensible data on the device
Prohibited connections and data transfers to third-party suppliers and unsafe third-party libraries
NOTICE FROM THE FEDERAL OFFICE FOR INFORMATION SECURITY (BSI):
Excerpt from the german IT-Grundschutz Compendium
SYS.3.2.2.A14 – Use of external reputation services for apps
If the administrators of an institution cannot select the permitted apps themselves and users are allowed to install apps on their devices independently, a so-called reputation service should be used. This is an external service that examines apps according to certain criteria and provides the results as a service. The MDM should then use this information to at least restrict the installation of apps.
- Unlimited amount of apps
- Automatic checks of app updates
- Real-time process for additional app requests
- Checking of apps with infrastructure connection as well as foreign language apps
- Extensive criteria catalog with more than 70 criteria per check
⧁ e.g. third-party libraries including tracking, analytics, advertising
⧁ Server connections
⧁ data access
⧁ Detailed security configuration
Automated dynamic and static analysis of additional test criteria:
- Checking for common vulnerabilities and unwanted data processing
- Network traffic analysis
- Data storage
- Encryption (methods and key strengths)
- Framework, permissions, third parties
- Semi-automated test procedure by experienced app security analysts
- Extended plausibility checks including target servers, need for data transfers, anonymization/pseudonymization according to EU-GDPR, integration of third-party providers, general recommendation for use in companies etc.
- Review of all significant updates that have major changes to the app code
- Additional verification of test results by an app security supervisor
- Comprehensive PrePentest report
FAQ – DO YOU HAVE ANY QUESTIONS?
Can APPVISORY prevent data access or outgoing data connections of the apps?
In the current version APPVISORY analyzes the access- and data sending behaviour of the app and provides all important information to make decisions about app use and how harmful apps can be kept out of the company network. The app behavior is not influenced yet but the APPVISORY team is working on such a solution.
Which risks and dangers does APPVISORY protect me from?
APPVISORY protects you from data leakage, data thievery, industrial espionage, movement tracking, malware and the unwanted creation of personal profiles. In addition you get the information whether certain applications comply with the requirements of the EU-GDPR.
Can I connect my MDM to APPVISORY?
Absolutely. We offer a direct connection for a large number of MDM systems. We also offer exports via CSV and JSON.
Can I customize APPVISORY according to company specifications and compliance regulations?
Yes. APPVISORY can be tailored exactly to your company‘s needs and even to individual user groups within your company through individual security configurations.
What are the main advantages for my employees from using APPVISORY?
Using APPVISORY protects your employees from the dangers of everyday mobile life. By using APPVISORY the employees have a reliable basis for decision-making for or against the integration of certain applications into the corporate IT environment.
14 days DEMO
Test APPVISORY for 14 days free of charge and without obligation.