Introduction
NCRDC MAST v2.0 (Mobile Application Security Test) FRAMEWORK was proposed by NCDRC research lab. NCDRC partnered with Briskinfosec, conducted research on NCDRC MAST v2.0 FRAMEWORK at BINT LAB (Briskinfosec’s Intelligence Lab). MAST v2.0 Framework provides security folks, the ability to work together and form a skilful approach towards mobile security issues. The importance of this guide benefits anyone with the ability to understand the techniques, used for testing common mobile security issues.
Why MAST?
Briskinfosec’s BINT LAB researchers concluded five stages of mobile app security test that covers every aspect of security concerns in any mobile application. They are listed below:
- Static Analysis
- Dynamic Analysis
- Communication Level Analysis
- Business Logic Analysis
- Server-Side Analysis
Apart from static analysis, each phase will be tested in three different stages:
- Emulator Level
- Real Device Level
- Rooted/Jail Broken Level
Benefits Of NCDRC MAST
- Our customized approach is to satisfy the end to end mobile app security requirements and in meeting most of the information security compliances such as ISO 27001, PCI:DSS, HIPAA, etc.
- Identifies the security characteristics that are needed to sufficiently reduce the risks in mobile testing.
- This framework provides solutions that are suitable for organizations of all sizes.
- Helps to implement industry standard mobile security controls. This reduces long-term costs and decreases the risk of vendor lock-in.