Click here to close now.

Welcome!

Cloud Expo Authors: Glenn Rossman, Marty Puranik, Elizabeth White, Max Katz, Liz McMillan

News Feed Item

IBM MobileFirst Helps Organizations Strengthen App Security

Made in IBM Labs: Security Software Shows Where Vulnerabilities Appear in iOS Apps

ARMONK, N.Y., Feb. 21, 2013 /PRNewswire/ -- IBM (NYSE: IBM) today announced security software that helps organizations proactively reduce the security risk to iOS enterprise apps. Clients will be able to build security testing into the initial design of mobile apps so that vulnerabilities can be detected early in the development process, before being deployed to customers or employees. Today's announcement further expands the IBM MobileFirst portfolio, which marries deep expertise with a comprehensive set of mobile software and cloud-based services.  

(Logo: http://photos.prnewswire.com/prnh/20090416/IBMLOGO)

According to Gartner, more than 45.6 billion mobile apps were downloaded in 2012. As the rate of app use on mobile devices increases, securing smartphones and other endpoint devices is a top priority for organizations and Chief Information Security Officers. With the proliferation of consumer and enterprise mobile apps, organizations cannot always control or restrict the apps installed on user devices, so they must test how apps send and save data. IBM's new security software can automatically identify where data enters and leaves a mobile app, helping to prevent mobile data leakage. 

Improving Security and Reducing Costs of iOS Mobile Apps
The pace of mobile application releases and updates can be overwhelming for organizations trying to maintain strict security guidelines and policies. IBM AppScan Source 8.7 for iOS provides the ability to improve security quality without sacrificing time-to-market of mobile app projects. This allows organizations to better protect each mobile app release in the face of constant updates. IBM previously announced IBM AppScan for apps running on the Android platform.

KiwiTech is a leading mobile technology firm headquartered in Washington DC, and offices in New York and New Delhi. The company has developed more than 750 apps which have generated over three million downloads on iOS and Android platforms. With more than 200 mobile development and related professionals focused on app development, including security is a top priority for the organization.

"Over the last four years, KiwiTech has developed hundreds of iOS and Android mobile apps for organizations around the world. As the risk from mobile malware and data leakage grows, our customers are looking for ways to secure their iOS and Android apps and protect corporate data," said Rakesh Gupta, Chief Executive Officer, KiwiTech. "The new IBM AppScan product will allow us to proactively secure mobile apps and automate security testing to ensure our customers can keep pace with constant updates."

In addition, IBM AppScan Source 8.7 for iOS can help reduce the cost of developing secure apps by building security analysis early into the development cycle. It provides developers with an unmatched view into where vulnerabilities appear in their mobile apps, which improves security quality without sacrificing time to market of mobile app projects.

"This new capability showcases IBM's execution in our strategy to help clients incorporate security into their infrastructure and solutions from the design, development and testing phases rather than leaving security to become an afterthought," said Caleb Barlow, Director of Application, Data and Mobile Security, IBM. "It also aligns with the IBM MobileFirst strategy by empowering organizations with confidence to aggressively evolve and seize the business potential that mobility promises."

New capabilities to IBM AppScan Source 8.7 for iOS include:

  • Complete Language Support for Objective-C, JavaScript and Java: Includes the ability to do call and data flow analysis that will generate trace information. This new capability enables organizations to build secure enterprise mobile apps, regardless of technology choice, for employees and partners.
  • Support for US Federal Government Requirements: Internet Protocol version 6 (IPv6) and use of a FIPS 140-2 validated cryptographic module.
  • 40,000 Mobile Security APIs Supported: IBM Security Research conducted a comprehensive analysis on the iOS Software Development Kit (SDK) to include coverage of APIs that might introduce security risks. The API profiles have been added to the IBM AppScan Source Security Knowledgebase and tied to the analysis engine. Combined with the research conducted on the Android SDK, IBM AppScan Source has researched and characterized the security risk of approximately 40,000 mobile APIs.

IBM AppScan Source 8.7 for iOS is planned for release on March 25th.

About IBM Security
AppScan is part of IBM's portfolio that provides the security intelligence to help organizations holistically protect their people, data, applications and infrastructure. IBM offers solutions for identity and access management, security information and event management, database security, application development, risk management, endpoint management, next-generation intrusion protection and more. IBM operates one of the world's broadest security research and development, and delivery organizations. This comprises 10 security operations centers, nine IBM Research centers, 11 software security development labs and an Institute for Advanced Security with chapters in the United States, Europe and Asia Pacific. IBM monitors 15 billion security events per day in more than 130 countries and holds more than 3,000 security patents.

For more information on IBM security, please visit: www.ibm.com/security.

About IBM MobileFirst
As the first new technology platform for business to emerge since the World Wide Web, mobile computing represents one of the greatest opportunities for organizations to expand their business. Based on nearly 1,000 customer engagements, 10 mobile-related acquisitions in the last four years, a team of thousands of mobile experts and 270 patents in wireless innovations, IBM MobileFirst offers an array of solutions that helps businesses connect, secure, manage and develop mobile networks, infrastructures and applications.

To learn more, visit the IBM MobileFirst press kit or http://www.ibm.com/mobilefirst. Follow @ibmmobile, #ibmmobile on Twitter, and see IBM MobileFirst on YouTube, Tumblr and Instagram.

Contact(s) information

John Connolly
IBM Media Relations
(781) 636-8512
[email protected]

Tod Freeman
IBM Media Relations
(415) 320-5893
[email protected]

SOURCE IBM

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@CloudExpo Stories
The speed of product development has increased massively in the past 10 years. At the same time our formal secure development and SDL methodologies have fallen behind. This forces product developers to choose between rapid release times and security. In his session at DevOps Summit, Michael Murray, Director of Cyber Security Consulting and Assessment at GE Healthcare, examined the problems and presented some solutions for moving security into the DevOps lifecycle to ensure that we get fast AND ...
Red Hat has launched the Red Hat Cloud Innovation Practice, a new global team of experts that will assist companies with more quickly on-ramping to the cloud. They will do this by providing solutions and services such as validated designs with reference architectures and agile methodology consulting, training, and support. The Red Hat Cloud Innovation Practice is born out of the integration of technology and engineering expertise gained through the company’s 2014 acquisitions of leading Ceph s...
Since 2008 and for the first time in history, more than half of humans live in urban areas, urging cities to become “smart.” Today, cities can leverage the wide availability of smartphones combined with new technologies such as Beacons or NFC to connect their urban furniture and environment to create citizen-first services that improve transportation, way-finding and information delivery. In her session at @ThingsExpo, Laetitia Gazel-Anthoine, CEO of Connecthings, will focus on successful use c...
Docker is becoming very popular--we are seeing every major private and public cloud vendor racing to adopt it. It promises portability and interoperability, and is quickly becoming the currency of the Cloud. In his session at DevOps Summit, Bart Copeland, CEO of ActiveState, discussed why Docker is so important to the future of the cloud, but will also take a step back and show that Docker is actually only one piece of the puzzle. Copeland will outline the bigger picture of where Docker fits a...
The Workspace-as-a-Service (WaaS) market will grow to $6.4B by 2018. In his session at 16th Cloud Expo, Seth Bostock, CEO of IndependenceIT, will begin by walking the audience through the evolution of Workspace as-a-Service, where it is now vs. where it going. To look beyond the desktop we must understand exactly what WaaS is, who the users are, and where it is going in the future. IT departments, ISVs and service providers must look to workflow and automation capabilities to adapt to growing ...
Software Defined Storage provides many benefits for customers including agility, flexibility, faster adoption of new technology and cost effectiveness. However, for IT organizations it can be challenging and complex to build your Enterprise Grade Storage from software. In his session at Cloud Expo, Paul Turner, CMO at Cloudian, looked at the new Original Design Manufacturer (ODM) market and how it is changing the storage world. Now Software Defined Storage companies can build Enterprise grade ...
The Internet of Things (IoT) promises to evolve the way the world does business; however, understanding how to apply it to your company can be a mystery. Most people struggle with understanding the potential business uses or tend to get caught up in the technology, resulting in solutions that fail to meet even minimum business goals. In his session at @ThingsExpo, Jesse Shiah, CEO / President / Co-Founder of AgilePoint Inc., showed what is needed to leverage the IoT to transform your business. ...
Hadoop as a Service (as offered by handful of niche vendors now) is a cloud computing solution that makes medium and large-scale data processing accessible, easy, fast and inexpensive. In his session at Big Data Expo, Kumar Ramamurthy, Vice President and Chief Technologist, EIM & Big Data, at Virtusa, will discuss how this is achieved by eliminating the operational challenges of running Hadoop, so one can focus on business growth. The fragmented Hadoop distribution world and various PaaS soluti...
IoT is still a vague buzzword for many people. In his session at @ThingsExpo, Mike Kavis, Vice President & Principal Cloud Architect at Cloud Technology Partners, discussed the business value of IoT that goes far beyond the general public's perception that IoT is all about wearables and home consumer services. He also discussed how IoT is perceived by investors and how venture capitalist access this space. Other topics discussed were barriers to success, what is new, what is old, and what th...
Advanced Persistent Threats (APTs) are increasing at an unprecedented rate. The threat landscape of today is drastically different than just a few years ago. Attacks are much more organized and sophisticated. They are harder to detect and even harder to anticipate. In the foreseeable future it's going to get a whole lot harder. Everything you know today will change. Keeping up with this changing landscape is already a daunting task. Your organization needs to use the latest tools, methods and ex...
In his session at DevOps Summit, Tapabrata Pal, Director of Enterprise Architecture at Capital One, will tell a story about how Capital One has embraced Agile and DevOps Security practices across the Enterprise – driven by Enterprise Architecture; bringing in Development, Operations and Information Security organizations together. Capital Ones DevOpsSec practice is based upon three "pillars" – Shift-Left, Automate Everything, Dashboard Everything. Within about three years, from 100% waterfall, C...
Disruptive macro trends in technology are impacting and dramatically changing the "art of the possible" relative to supply chain management practices through the innovative use of IoT, cloud, machine learning and Big Data to enable connected ecosystems of engagement. Enterprise informatics can now move beyond point solutions that merely monitor the past and implement integrated enterprise fabrics that enable end-to-end supply chain visibility to improve customer service delivery and optimize sup...
Dale Kim is the Director of Industry Solutions at MapR. His background includes a variety of technical and management roles at information technology companies. While his experience includes work with relational databases, much of his career pertains to non-relational data in the areas of search, content management, and NoSQL, and includes senior roles in technical marketing, sales engineering, and support engineering. Dale holds an MBA from Santa Clara University, and a BA in Computer Science f...
Docker has acquired software-defined networking (SDN) startup SocketPlane. SocketPlane, which was founded in Q4, 2014, with a vision of delivering Docker-native networking, has been an active participant in shaping the initial efforts around Docker’s open API for networking. The explicit focus of the SocketPlane team within Docker will be on collaborating with the partner community to complete a rich set of networking APIs that addresses the needs of application developers and network and system...
It’s been proven time and time again that in tech, diversity drives greater innovation, better team productivity and greater profits and market share. So what can we do in our DevOps teams to embrace diversity and help transform the culture of development and operations into a true “DevOps” team? In her session at DevOps Summit, Stefana Muller, Director, Product Management – Continuous Delivery at CA Technologies, will answer that question citing examples, showing how to create opportunities f...
Even as cloud and managed services grow increasingly central to business strategy and performance, challenges remain. The biggest sticking point for companies seeking to capitalize on the cloud is data security. Keeping data safe is an issue in any computing environment, and it has been a focus since the earliest days of the cloud revolution. Understandably so: a lot can go wrong when you allow valuable information to live outside the firewall. Recent revelations about government snooping, along...
FedRAMP is mandatory for government cloud deployments and businesses need to comply in order to provide services for federal engagements. In his session at 16th Cloud Expo, Abel Sussman, Director for Coalfire Public Sector practice, will review the Federal Risk and Authorization Management Program (FedRAMP) process and provide advice on overcoming common compliance obstacles.
The cloud is now a fact of life but generating recurring revenues that are driven by solutions and services on a consumption model have been hard to implement, until now. In their session at 16th Cloud Expo, Ermanno Bonifazi, CEO & Founder of Solgenia, and Ian Khan, Global Strategic Positioning & Brand Manager at Solgenia, will discuss how a top European telco has leveraged the innovative recurring revenue generating capability of the consumption cloud to enable a unique cloud monetization mod...
Are your applications getting in the way of your business strategy? It’s time to rethink your IT approach. In his session at 16th Cloud Expo, Madhukar Kumar, Vice President, Product Management at Liaison Technologies, will discuss a new data-centric approach to IT that allows your data, not applications, to inform business strategy. By moving away from an application-centric IT model where data integration and analysis are subservient to the constraints of applications, your organization will b...
As organizations shift toward IT-as-a-service models, the need for managing and protecting data residing across physical, virtual, and now cloud environments grows with it. CommVault can ensure protection &E-Discovery of your data – whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise. In his session at 16th Cloud Expo, Randy De Meno, Chief Technologist - Windows Products and Microsoft Partnerships, will disc...