How to Uncover Mobile App Security Flaws
In addition to running a tool such as CxSuite to check for mobile app vulnerabilities, there are several other things you’ll want to look for including:
Cryptographic database keys that are hard-coded into the app
Improper handling of sensitive information such as storing personally-identifiable information (a.k.a. PII) locally where the user and other apps can access it
Login weaknesses, such as being able to get around login prompts
Allowing weak, or blank, passwords
Note that these checks are mostly uncovered via manual analysis and may require tools such as wireless network analyzers, forensics tools, and web proxies, respectively. As with IoT, the important thing is that you’re testing the security of your mobile apps. Better for you to find the flaws than for someone else!