下载PDF
Data Theorem > 实例探究 > 利用数据定理增强移动应用程序安全性:Duo 安全案例研究
Data Theorem Logo

Enhancing Security Through Automated Code Checking: A Case Study on Cisco Duo Security

技术
  • 应用基础设施与中间件 - 中间件、SDK 和库
  • 网络安全和隐私 - 应用安全
适用行业
  • 国家安全与国防
  • 电信
适用功能
  • 物流运输
  • 产品研发
用例
  • 篡改检测
  • 时间敏感网络
挑战
Duo Security 是统一访问安全和多因素身份验证的领先提供商,希望确保其移动应用程序和通用代码库的安全。
关于客户
Duo Security 是一家基于云的用户身份验证提供商,为 Facebook、派拉蒙影业和丰田等公司提供服务。他们优先考虑设计良好、技术先进且轻量级的安全解决方案。
解决方案
Data Theorem 提供了一种自动化解决方案,可在制作前和制作后扫描 Duo 的移动应用程序,识别代码问题和漏洞。它还与 Beta 测试结构集成,以满足安全和平台标准。
运营影响
  • The implementation of Data Theorem's solution has brought significant operational benefits to Duo. The automated scanning of Duo's mobile app both in pre- and post-production has ensured that any code issues are identified early, reducing the risk of app rejection by Google or Apple's stores. The alerts provided by Data Theorem have saved triage time and enabled Duo to manage issues proactively. The detailed notifications from Data Theorem have reduced the forensic research work required by Duo's developers, allowing them to focus on fixing vulnerabilities. Furthermore, the regular tips and updates on current state-of-the-art features provided by Data Theorem have helped Duo's developers stay up-to-date on new features, development cycles and enhancements. Overall, the solution has enhanced Duo's security, without slowing them down or consuming a lot of resources.

数量效益
  • Data Theorem scans for critical (P1) security issues on a daily basis, allowing Duo to know about any showstoppers in its pre-production environment, but also knowledge about “zero-days” in the wild on production apps.

  • Data Theorem’s ability to scan 3rd party SDK & Open Source libraries allowed Duo to shed light on an attack surface that would otherwise be a blind spot.

  • Data Theorem was the only company that also offers “Secure Code” directly to developers to help fix identified security issues. This enables Data Theorem's customers to streamline the amount of time and resources required to fix an issue.

相关案例.

联系我们

欢迎与我们交流!

* Required
* Required
* Required
* Invalid email address
提交此表单,即表示您同意 IoT ONE 可以与您联系并分享洞察和营销信息。
不,谢谢,我不想收到来自 IoT ONE 的任何营销电子邮件。
提交

Thank you for your message!
We will contact you soon.