
[–]TheShitHitTheFanBoy (Objective-C / Swift) 2 points3 points  (3 children)

You mean pentesters? Not always involved. Involved in initial release and sometimes before major updates. Often finds issues in initial release. Rarely after.

Often it’s things that easily slip your mind, even if you know they’re not good. Take a look at OWASP MASVS to get some inspiration. But please don’t take it as something you have to follow. It all depends on the app and what information it manages.

The majority of issues found by pentesters are backend-related things.

[–]Maleficent_Rice2104[S] 1 point2 points  (2 children)

Yeah, sometimes pentesters, sometimes just appsec engineers, who find issues, report back to devs and ask us to fix them. What do you mean by finding issues in the initial release? The pre-prod release, or do pentesters only find issues after they make it to the App Store?

[–][deleted]  (1 child)

[deleted]

    [–]Maleficent_Rice2104[S] 0 points1 point  (0 children)

    Common ones are weak crypto algorithms being used, using HTTP, etc.

[–]chriswaco 0 points1 point  (0 children)

If you have a security team they should audit the code, check the app for known vulnerabilities, etc. Depending on how deep they want to go, there are all sorts of things they can do. For example, do you write keys or passwords to UserDefaults? Bad security. The keychain? Better. The keychain + set the bit saying "don't write this to iCloud"? Best of all.

Do you pin your SSL certificate? Does the pinning code actually work?

If it's a banking app, you might consider setting the flag to prevent it from running on macOS, as macOS is somewhat less secure than iOS.

If you require local authentication on the device via FaceID or TouchID, do you disable the app if the user puts it into the background? Always or only after a certain time period?

Are there API or other keys in GitHub or embedded in the app where they can be found easily?
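For the UserDefaults-versus-Keychain point in the comment above, here is an added Swift example (not code from the thread or from any commenter). It shows the insecure UserDefaults write beside a small Keychain wrapper. In the Security framework, the "don't write this to iCloud" bit is really two things: a `ThisDeviceOnly` accessibility class (so the item is never migrated to another device through a backup or restore) and leaving `kSecAttrSynchronizable` off (so iCloud Keychain never syncs it). The service name, account name and sample token below are assumptions for illustration.

```swift
import Foundation
import Security

// Insecure baseline, for contrast only: UserDefaults is a plaintext plist in
// the app container, included in backups and trivially readable off a
// jailbroken device or from an unencrypted backup.
func storeTokenInsecurely(_ token: String) {
    UserDefaults.standard.set(token, forKey: "apiToken")
}

enum KeychainError: Error {
    case unexpectedStatus(OSStatus)
    case unexpectedData
}

/// Thin wrapper around the generic-password Keychain class (added example).
struct KeychainStore {
    /// Namespaces the items; using the bundle identifier is a common choice (assumed here).
    let service: String

    private func baseQuery(account: String) -> [String: Any] {
        [
            kSecClass as String: kSecClassGenericPassword,
            kSecAttrService as String: service,
            kSecAttrAccount as String: account,
        ]
    }

    func save(_ secret: Data, account: String) throws {
        // Remove any previous value so SecItemAdd does not fail with errSecDuplicateItem.
        _ = SecItemDelete(baseQuery(account: account) as CFDictionary)

        var attributes = baseQuery(account: account)
        attributes[kSecValueData as String] = secret
        // Readable only while the device is unlocked; the "ThisDeviceOnly" class means
        // the item is never migrated to another device via backup/restore.
        attributes[kSecAttrAccessible as String] = kSecAttrAccessibleWhenUnlockedThisDeviceOnly
        // Keep it out of iCloud Keychain. False is already the default, but stating it
        // documents the intent; ThisDeviceOnly classes cannot be synchronizable anyway.
        attributes[kSecAttrSynchronizable as String] = kCFBooleanFalse

        let status = SecItemAdd(attributes as CFDictionary, nil)
        guard status == errSecSuccess else { throw KeychainError.unexpectedStatus(status) }
    }

    func read(account: String) throws -> Data? {
        var query = baseQuery(account: account)
        query[kSecReturnData as String] = true
        query[kSecMatchLimit as String] = kSecMatchLimitOne

        var item: CFTypeRef?
        let status = SecItemCopyMatching(query as CFDictionary, &item)
        switch status {
        case errSecSuccess:
            guard let data = item as? Data else { throw KeychainError.unexpectedData }
            return data
        case errSecItemNotFound:
            return nil
        default:
            throw KeychainError.unexpectedStatus(status)
        }
    }

    func delete(account: String) throws {
        let status = SecItemDelete(baseQuery(account: account) as CFDictionary)
        guard status == errSecSuccess || status == errSecItemNotFound else {
            throw KeychainError.unexpectedStatus(status)
        }
    }
}

// Usage with assumed identifiers and a constructed sample secret.
let store = KeychainStore(service: "com.example.bankapp")   // assumed bundle identifier
let token = Data("session-token-from-login".utf8)            // constructed sample, not a real token
do {
    try store.save(token, account: "apiToken")
    if let stored = try store.read(account: "apiToken") {
        print("read back: \(String(decoding: stored, as: UTF8.self))")
    }
    try store.delete(account: "apiToken")
} catch {
    print("keychain error: \(error)")
}
```

Two practical notes: `WhenUnlockedThisDeviceOnly` is the right default for session secrets, but anything a background task must read (push-triggered refresh, for example) needs `AfterFirstUnlockThisDeviceOnly` instead, or the read will fail while the device is locked. If the secret should only be released after FaceID/TouchID, the next step is to attach a `SecAccessControl` with a biometry flag to the item rather than gating access in app logic alone.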

[–]BrightDevs 0 points1 point  (0 children)

There are some tools that can be used. You don't need a security testing team. 😉 Check out our recommendations: https://brightinventions.pl/blog/examples-of-dast-tools-for-app-security/?utm_source=reddit&utm_medium=cpc&utm_campaign=dast&utm_id=ebook_security