As security and risk professionals take steps to improve cybersecurity posture, email, network, and web security often take center stage. However, as internet use continues moving toward a mobile-centric experience, it has become essential to consider mobile applications when crafting a security strategy. Bitsight’s latest research demonstrates exactly why.
We are excited to announce that Bitsight Insights: Mobile Application Risk Report is available now.
In this report, you’ll find:
- Eye-opening statistics on the state of mobile application security today.
- Examples of how and why mobile breaches occur.
- Actionable advice for mitigating cyber risks associated with your own mobile applications, as well as apps from third-party partners and suppliers.
You’ll also get Bitsight’s latest research on mobile application security—including performance stats by application genre, sector, and popularity.
Key findings:
- 3 out of 4 mobile applications evaluated contained at least one Moderate vulnerability. The prevalence of at least one Material (<1%) or Severe (2.5%) vulnerability occurs at significantly lesser rates.
- Material and Severe vulnerabilities, including Arbitrary Code Execution, were observed in highly popular mobile apps.
- Very few Material and Severe vulnerabilities were remediated once they were in production. Remediation rates were very low given the criticality of these vulnerabilities.
- Android shopping apps, which transmit personal identifying information (PII) and other sensitive financial details, performed poorly in TLS Certificate Validation for Sensitive Data.
- GPS Data Leakage, a significant security and privacy issue, was a problem across a variety of sectors and mobile app genres—including Aerospace and Defense.
