Edgescan Mobile Application Security Testing (MAST)

Edgescan Mobile Application Security Testing (MAST) is a software-as-a-service platform that provides security testing for mobile applications on iOS and Android platforms. The solution combines automated vulnerability scanning with manual penetration testing and device forensics capabilities. The platform ingests API components used by mobile devices and applications, then performs vulnerability assessments against the application and host-server layer. After automated scanning, CREST-certified security analysts conduct manual penetration testing to identify business logic vulnerabilities and issues that automated scanners cannot detect. The solution downloads native mobile application builds onto test devices for deep testing and device forensics analysis. MAST includes device forensics functionality designed to detect data leakage onto devices, including jailbroken devices and their associated risks. The platform provides results through a unified dashboard interface that enables unlimited retesting and reporting capabilities. Testing coverage includes OWASP Top 10, WASC threat classification, and CWE/SANS Top 25 standards. The platform employs multiple risk scoring systems including CVSS, CISA KEV, EPSS, and a proprietary Validated Security Score to prioritize vulnerabilities. Edgescan is a certified PCI-ASV provider. The solution is delivered as an annual subscription service.