NowSecure AI-Navigator cuts mobile app testing time by automating authentication

NowSecure announced the launch of AI-Navigator, new functionality that streamlines and improves mobile application security testing. By automating authentication workflows, NowSecure enables security teams to dynamically test mobile apps for vulnerabilities and privacy leaks up to 90% faster.

“Mobile apps are the front door to enterprise and consumer data, but security teams have struggled to continuously test them because they are unable to log in,” said NowSecure CTO David Weinstein.

“Unauthenticated testing overlooks up to 95% of a mobile app’s exposure and attack surface — where most sensitive data handling occurs and the greatest risks to the business reside. AI-Navigator combines AI automation with our proven real-device dynamic testing platform to deliver the data, AI, and supply chain security that no other IT security investments provide,” Weinstein added.

Introducing NowSecure AI-Navigator

NowSecure AI-Navigator makes authenticated testing easy and self-service by automating the login process and eliminating the brittle scripts and complex configurations that have caused security teams to limit testing to basic static analysis. It seamlessly integrates with NowSecure’s MARM platform to identify leaks and vulnerabilities including excessive data collection, unencrypted sensitive data in motion, and communications with unauthorized network endpoints and LLMs.

NowSecure AI-Navigator reduces the risk assessment process from days to minutes by making authenticated testing easy and self-service. It automates the login process in a way that is resilient to UI and UX changes, enabling development and security teams to focus on resolving issues and delivering great mobile apps.

Key capabilities include:

• AI workflow navigation: Automates secure login for post-authentication testing
• Scriptless automation: Eliminates manual configuration and ongoing maintenance burden
• Real device testing: Executes on physical Android and iOS devices for highest accuracy
• Adaptive resilience: Automatically adjusts to UI/UX changes across app versions
• Unified platform: Integrates with existing NowSecure capabilities for comprehensive reporting and analytics

Quantifiable security impact

Early adopter results demonstrate the transformative impact of AI-Navigator:

• Days to minutes: Authenticated configuration and testing time reduced by over 90%.
• Enterprise-grade security and privacy: All sensitive data handling and device automation is entirely within the NowSecure environment. Credentials never leave the platform or interact with third-party AI models. Ensures data protection and auditability.
• Expanded coverage: AI-Navigator unlocks the 95% of your app sitting behind authentication for dynamic testing, including internal APIs, third party components (SDKs), financial transaction data, regulated data, PII and other privileged features missed by current methods.
• Improves testing efficacy: AI-Navigator successfully authenticates 100% of apps eligible for authenticated dynamic testing (roughly 9% of Android apps are currently ineligible).

“Security leaders who assume their mobile attack surface is covered by their existing API security, cloud, endpoint and network security measures are wrong,” said Ed Amoroso, Founder and CEO of TAG Infosphere.

“Mobile apps have unique capabilities, with complex supply chains that bypass existing IT security programs. The rapid onset of AI is expanding the community of mobile developers and the number of mobile apps published, with no assurance that AI is following enterprise guide rails. Authenticated dynamic testing is essential to ensure enterprise security, privacy, and safety of mobile apps,” Amoroso concluded.