Sold by: Check Point Software Technologies
Mobile Application Security Assessment – Penetration Testing by Check Point Services is a CREST‑accredited assessment that evaluates mobile applications for vulnerabilities in architecture, data handling, communication flows, authentication, and API integrations across Android and iOS. The service assesses how mobile apps interact with backend environments deployed on‑premises or in cloud platforms, including AWS. Findings are delivered with clear, prioritized remediation guidance to reduce exposure and strengthen overall security posture.
Overview
Mobile Application Security Assessment – Penetration Testing by Check Point Services provides a thorough, CREST accredited evaluation of mobile applications across Android and iOS. The assessment identifies vulnerabilities in data storage, encryption, session management, communication flows, authentication mechanisms, and API interactions. Testing follows the OWASP Mobile Security Testing Guide (MSTG) and applies proven methodologies to uncover weaknesses in mobile architecture, platform specific implementation, and the security of client–backend interactions.
The evaluation covers applications that operate with backend services hosted on premises or in cloud environments, including AWS. This ensures visibility into how the mobile client handles sensitive data, transmits information, and interacts with APIs or backend components regardless of hosting model. The assessment highlights risks across both client side and integration points, helping organizations reduce exposure to attacks and improve resilience.
Key capabilities include:
• Architecture and Data Handling Review: Analysis of local data storage, encryption practices, permission models, and exposure risks across Android and iOS.
• Authentication and Session Security: Evaluation of login flows, session lifecycle, credential handling, and token protection.
• Communication and API Security: Assessment of network transport security, API calls, request/response behavior, and potential data leakage during communication with backend services, including those deployed in cloud platforms such as AWS.
• Platform Specific Vulnerability Detection: Identification of vulnerabilities tied to platform features such as insecure intents, weak cryptographic use, insufficient jailbreak/root detection, or unsafe platform interactions.
• Actionable Reporting and Prioritized Remediation: Clear findings mapped to business impact with practical recommendations to strengthen mobile security across client side logic and backend integrations.
This assessment is suited for product security, AppSec, and mobile development teams seeking to improve security maturity, reduce risk, and ensure robust protection across mobile applications and their supporting infrastructure.
Highlights
- End‑to‑End Mobile App Security Review: Comprehensive assessment of data handling, authentication, session flows, API communication, and platform interactions across Android and iOS.
- Standards‑Based, CREST‑Accredited Testing: Evaluation aligned with the OWASP Mobile Security Testing Guide (MSTG) for consistent, high‑quality mobile security coverage.
- Actionable Findings and Remediation: Clear, prioritized reports that help teams address vulnerabilities and strengthen mobile application security across client‑side and backend environments, including cloud‑hosted services.
Details
Categories
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Pricing
Custom pricing options
Pricing is based on your specific requirements and eligibility. To get a custom quote for your needs, request a private offer.
Legal
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Support
Vendor support
Support is provided by Check Point Services and is available 24x7x365. For any questions, assistance, or support requests, please contact services@checkpoint.com
Software associated with this service
By Check Point Software Technologies
CloudGuard Code Security is a blazing-fast language-agnostic scanner for detecting secrets, CVEs, and compliance violations in code and IaC with CI/CD hardening features, which seamlessly integrates into everything from the IDE to git and build machine.
By Check Point Software Technologies
The Cyberint Argos platform is a unified external
cyber risk management solution that continuously
detects and mitigates a broad range of threats.
With a focus on impactful intelligence and
efficiency, Cyberint saves your team time and
helps you mitigate external cyber risks before they
develop into costly incidents.
By Check Point Software Technologies
Check Point Exposure Management is an intelligence-led, remediation-driven platform that continuously identifies, prioritizes, and safely remediates exposures across hybrid environments. It unifies threat intelligence, vulnerability prioritization, and safe remediation to reduce risk before attackers exploit it.
By Check Point Software Technologies
Check Point Managed Rules for AWS Network Firewall reduces operational overhead by providing expertly curated, pre-configured Suricata rule sets, powered by Check Point ThreatCloud AI, designed to detect and prevent malicious network activity.