Marvin’s software-as-a-service (SaaS)-based offering firmly targets the bring-your-own-device (BYOD) trend within enterprises by providing mobile application testing via the cloud. It then returns detailed reports on every aspect of the specific app’s capabilities and behavior, including malware detection, the potential for data leakage and privacy loss. So, rather than scanning the entire phone and applying security parameters to everything contained on it, enterprises can require the testing only for apps that employees use for work purposes.
Given user concerns about privacy when it comes to BYOD and mobile device management, the approach can be an innovative workaround. Also, enterprises (and app stores, for that matter) can use the service to vet mobile apps before accepting them into their technology ecosystem. Also, they can integrate this capability with their existing investments in control-point technologies such as MDM or mobile application management (MAM) products.
The new service will complement Veracode’s existing security-as-a-service mobile offering, which has focused on giving enterprise IT the ability to manage and enforce risk-based mobile app policies within their organization throughout the mobile app development lifecycle. It offers that capability for BYOD endpoints as well as corporate-issued devices. Now, Marvin gives Veracode another arrow in the quiver as businesses wrestle with the correct way to build, deploy and enforce policies around BYOD – it is not a one-size-fits-all proposition.
“Veracode has been helping customers secure mobile apps by offering automated vulnerability detection on Android and iOS platforms, and with Marvin’s technology we can more fully enable customers to address the security and privacy concerns created by the rapid adoption of mobile apps,” said Bob Brennan, CEO of Veracode, in a statement. “Organizations can quickly gain the intelligence they need to prevent attacks and reduce the risk of information loss that often accompanies an increasingly mobile infrastructure.