Tigerspike partners with Heartbleed’s Codenomicon

Tigerspike partners with Heartbleed’s Codenomicon

Partnership addresses critical mobile security vulnerabilities

Sydney, Australia and Saratoga, CA, USA - May, 2014 – Mobile technology company Tigerspike and Codenomicon, developer of innovative security testing solutions, today announced a partnership in mobile security. The companies will jointly help customers to assess the security of their mobile applications and address their mobile security needs.

“The need for mobile security has never been higher”, says Luke Janssen, CEO of Tigerspike. “Through our partnership with Codenomicon, we are addressing this massive need in the marketplace.”

The use of mobile applications in enterprise is exploding. In addition to customer applications, mobile applications are increasingly used by companies to automate internal processes. However, the growing importance of mobile applications stands in contrast to the lack of mobile security. Unfortunately, when it comes to mobiles, company IT security policies are often ignored.

“Surprisingly, in many cases, the CIO does not know that mobile applications containing sensitive information exist”, explains Luke Janssen, CEO of Tigerspike. “In Australia, serious non-compliance with the new laws can translate into a penalty of up to AUD1.7m for organisations and AUD 340,000 for individuals, so mobile security is something that CIOs and CEOs now must take seriously”.
In 2011 Tigerspike set up a Future Technologies division within their Innovation Lab. The purpose of the division is to create and patent new technologies and re-think existing technologies given the growth in mobile. Searching for solutions to address their customers’ burgeoning enterprise mobility needs, the company encountered a severe shortage of reputable firms that were able to proactively deal with security issues. The company then started working on two key aspects of the security stack: encryption and password strength. Codenomicon’s offering complements Tigerspike’s capabilities by providing security testing solutions for mobile applications.

“There are very few companies in the mobile security space”, says Dr. Stuart Christmas, Director of Future Technologies at Tigerspike. “Out of all the companies we considered, only Codenomicon had effective security diagnostic tools for mobile.”

Codenomicon has developed security solutions for networks, devices and applications for over ten years. The Codenomicon test suite for mobile applications automatically scans applications for security weaknesses. Within minutes of uploading an application, the test suite reveals all third-party and open source code and lists the corresponding known vulnerabilities and software license information.

“At Codenomicon, our goal is to find security flaws others cannot find”, says David Chartier, CEO of Codenomicon. “We are constantly developing new solutions to address the evolving security testing needs of our global customers.”

The Heartbleed vulnerability was discovered by Codenomicon researchers during the development of Codenomicon’s new SafeGuard security testing feature. Heartbleed is an extremely serious vulnerability in the popular OpenSSL cryptographic software library, used by 66% of Internet servers to ensure the security and privacy of online communication. Mobile applications access the same servers as their website counterparts. Given this, the Heartbleed vulnerability also affects mobile applications.

“Vulnerabilities are mistakes in code. Software is written by humans, so there will always be mistakes”, adds David Chartier, CEO of Codenomicon. “The question is who is going to find them and when.”

Unknown vulnerabilities, such as Heartbleed, that was undiscovered for two years, are the largest threat to security by far. The reason is there are no defences against attacks exploiting them.

“What you do not know will hurt you”, David Chartier continues. “Companies with mobile application containing sensitive information simply must make mobile security a priority”.

Ends

© Scoop Media