Our newest Viper with MATRIX 7.5 release is our most comprehensive to date and enables Mobile Application DevSecOps teams to work even more effectively than before. Our dynamic, interactive, reporting functionality now delivers clearer insights and more actionable security assessments as well as comprehensive customization and logging capabilities.
Corellium is dedicated to mobile application security, and we are proud to be an honorable benefactor of OWASP and helping to work on providing security standards for mobile apps (OWASP MASVS) and a comprehensive testing guide (OWASP MASTG). However, we also understand that automation, and improved reporting, can help mobile app developers, testers, and security teams align to identify and remediate vulnerabilities faster to reduce mobile app risk.
That’s why we have released new key updates to our MATRIX reporting functionality as well as introduced a user activity log. Our new functionality enables comprehensive tracking of all changes made within a report, including our newest functionality of evidence suppression.
Our new user activity log shows a comprehensive log of all changes made within an assessment. This includes scan information including the person who ran it, and time stamps of monitoring start and stop. The log is easily shared with security and development teams for compliance guidance. It logs modifications made to the report including adjustment of severities, changes to the status of checks, and suppression of any check evidence.
Our new MATRIX functionality not only gives you the ability to tune down the noise; it also makes reports clearer and easier to act upon the evidence that matters most. Detailed, interactive results within our dynamic reports enable testers to suppress irrelevant evidence. Individual pieces of evidence within a result can be suppressed, so the finding is made more relevant and clearer when sharing the report with others. The suppression doesn’t delete the evidence; it just grays it out, so it can be reinstated if necessary.
We have also updated MATRIX to ensure that mobile application development teams are focusing on remediating the checks that matter most to their organization. Not only by suppressing evidence in findings, but also by tailoring checks and their status. Users can now mark specific checks as "Not Applicable" when irrelevant to their environment and adjust results, focusing attention on critical issues and reducing report clutter.
To learn more about Viper with MATRIX, request a free trial today.
