Leviathan Security Group - Penetration Testing, Security Assessment, Risk Advisory

View Original

MASA Program Introduction

Leviathan is excited to announce our new Mobile Application Security Assessment (MASA) portal and service that allow Android App developers to quickly engage and complete MASA assessments and be certified within the Google Play Store.

MASA is a new set of guidelines introduced by the App Defense Alliance and used by Google to allow Android App developers to complete an independent security review that will be visible within the Google Play Store app page.

MASA is based on a subset of controls taken from the OWASP Mobile Application Security Verification Standard (MASVS). Assessments are completed against these controls to ensure a baseline security posture of the application. Once the app passes all tests, a letter of assessment is submitted to Google, and then the developer can showcase the security badge in the app data safety section.

See this content in the original post

Get started today: themasa.io

Overview

Leviathan’s MASA program helps developers gain user trust by making your security and privacy controls transparent. Here’s how our MASA platform differs from our competitors:

See this content in the original post

Testing Approach

For the MASA Program, our testing methodology includes both manual and automated methods to ensure that all controls defined by App Defense Alliance are present and working.

The scope includes a general overview of all communication streams, authentication, and client-side controls.The assessment is performed across six categories of MASVS Level 1, covering each angle of the app's functionality:

  • Data Storage and Privacy

  • Cryptography

  • Authentication and Session Management

  • Network Communication

  • Platform Interaction

  • Code Quality and Build Setting

Complete your assessment as quickly as three days through our portal: themasa.io