In the mobile application security arena, change is a constant. Mobile application code and software architectures are constantly evolving, and so are hackers looking to exploit security weaknesses.

The recent Gartner “Hype Cycle for Application Security, 2024” states, “Application security roles are evolving, with software engineers taking over the hands-on work of conducting ‘shift-left’ security testing and remediating vulnerabilities, while application security leaders become advisors who define application security policies and monitor their correct enforcement. Innovations such as reachability analysis and application security posture management (ASPM) are maturing to serve security leaders and improve developer experience and enablement.”

The Hype Cycle looks at an extensive range of categories, including Mobile application security testing (AST) in which Quokka is listed as a Sample Vendor.

Gaps in Mobile Application Security

The report makes clear, “Mobile applications can be exploited by attackers to steal enterprise data and defraud their customers.” However, the report also states, “Many organizations have less-advanced application security programs and are not yet testing mobile app code.”

The Emergence of Mobile Application Security Testing

The report looks specifically at mobile application security testing and lists Quokka as a Sample Vendor. For those new to this arena, the report offers the following definition: “Mobile application security testing (AST) identifies and helps remediate vulnerabilities within mobile apps for iOS and Android devices. Mobile AST analyzes source, byte or binary code and observes or attacks mobile apps to identify coding, design, packaging, deployment and runtime conditions that introduce security vulnerabilities.”

The Gartner Hype Cycle features the following phases: Innovation Trigger, Peak of Inflated Expectations, Trough of Disillusionment, Slope of Enlightenment, and Plateau of Productivity. According to this recent report, mobile application security testing has moved into the Slope of Enlightenment. 

Our Perspective: How Quokka Addresses Mobile App Security Gaps

Quokka’s Q-MAST solution enables organizations to effectively measure the security and privacy preparedness of their applications. Q-MAST offers a broad and in-depth range of tests covering every stage of the software development lifecycle (SDLC), from design to deployment. Q-MAST can do this testing without source code access. With a design tailored for DevSecOps workflows, Q-MAST supports continuous, automated security testing.

Conclusion

Security professionals have seen plenty of change in recent years and more change will keep coming more rapidly. For this reason, mobile application security will need to keep evolving. 

To learn more about the evolving application security landscape, review the complete Gartner “Hype Cycle for Application Security, 2024” (Gartner subscribers can access the report from here).

To learn more about Q-MAST, request a demo and learn how Quokka fits within your unique environment.

_______________________________________

Gartner, Hype Cycle for Application Security, 2024. By Dionisio Zumerle, 29 July 2024

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and HYPE CYCLE is a registered trademark of
Gartner, Inc. and/or its affiliates and are used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.