SunGard Mobile Connection - security review

[Steve Werby <steve.werby () UTSA EDU>]

We have a project to deploy iOS, Android and BlackBerry applications
built on SunGard's Mobile Connection platform
(http://www.sungardhe.com/mobile/), which is based on the Rhomobile
Rhodes open source Ruby-based framework
(http://rhomobile.com/products/rhodes/). According to our contact at
SunGard, they haven't performed a source code security review, binary
analysis or vulnerability scan against the framework or their apps so
they have nothing to share to help us gauge the security of it.

 

We have little expertise in assessing the security of mobile apps so I
wanted to find out if any of you have performed a security review of the
platform and apps and have any input or guidance. Also, if you have, and
you'd be willing to share any results, I'd definitely welcome that. I'm
also looking into the possibility of having a third-party assist us with
the review. A colleague at another institution has offered to assist,
but if I can leverage something another institution is done that'll be
even better.

 

-- 

Steve Werby

Office of Information Security (OIS)

Information Security Officer

The University of Texas at San Antonio