Last month, Wikileaks began releasing a trove of CIA programs and documentation, claiming it to be the “largest ever publication of confidential documents on the agency.” The release, which Wikileaks is naming “Vault 7”, includes over 8,000 documents and files from a high-security network inside the CIA’s Centre for Cyber Intelligence.
Vault 7 is having immediate repercussions. Reportedly, Wikileaks has provided Apple, Microsoft and Google with a 90-day deadline to fix the security flaws highlighted by the Vault 7 data, stipulating that the IT giants need to improve the quality of their software and be more responsive to potential risks. And Cisco Systems partners are advising customers on how to bypass a critical security vulnerability highlighted by the leak.
Vault 7, of course, follows on from the fact that earlier this year, according to Wikileaks, the CIA “lost control” of the majority of its hacking tools, systems and documentation, including malware, viruses, trojans, weaponised “zero day” exploits, malware remote control systems and associated documentation. Fairly alarmingly, it means hackers, globally, now have access to several hundred million lines of code, which gives them the same hacking power and capability as the CIA.
Sub-header What does this hack mean for you and your app security?
Body As always, security remains a vital consideration for app developers. A security breach can lead to a significant loss in revenue and reputation, both with end users, and your employers.
Rather than spending valuable time and effort reacting to threats and creating and deploying patches, it makes sense to tackle increasing security risks up-front.
This is where Quixxi comes in.
Quixxi app security: how it works
The first step in improving your app’s security is to test its vulnerability.
Quixxi’s Mobile App Vulnerability Report uses artificial intelligence and machine learning to give you a complete picture of where your mobile app may be at risk.
You simply create a project on the Quixxi Portal, upload your Android or iOS app, and within minutes, you have a report highlighting how your mobile app performs against key security criteria. You also receive a Quixxi Security Rating which you can use alongside your app promotions.
For additional peace of mind, Quixxi also offers more in-depth manual testing and reports with detailed recommendations for resolving issues, with our Quixxi Penetration Testing plan. Our team simulate hackers trying to gain access to your app’s infrastructure, system features and data.
Importantly, our penetration testing meets the rigorous industry standards as defined by OWASP – meaning we focus both on your end- user mobile apps as well as the broader, server- side infrastructure your apps communicate with. We also test for issues identified in our own R&D lab and by other sources.
My app shows security vulnerabilities. What now?
Depending on the level of vulnerability revealed by Quixxi’s testing, you can request a Quixxi Security Wrapper. This multi-layered binary production engine uses military-grade cryptography standards and patent-pending security algorithms to prevent reverse engineering, decompilation, malware and tampering.
Our proprietary algorithm uses several unlisted, unmarketed security layers to keep our security signature a trade secret, and unique in the marketplace. Plus, it only takes a few minutes for us to wrap your code for you so you can republish your app.