NowSecure

NowSecure provides a comprehensive mobile app security testing platform, offering automated solutions to detect and remediate vulnerabilities. Its core product delivers scalable security analysis, encompassing static, dynamic, interactive, and software composition analysis to ensure the integrity and privacy of mobile applications. The platform helps organizations prevent data leakage and unauthorized access by providing continuous security, privacy, safety, and compliance risk management for their mobile ecosystems.

Andrew Hoog co-founded NowSecure, initially known as viaForensics, emerging from an understanding of the critical and growing security threats inherent in mobile applications. Observing the increasing reliance on mobile technology for sensitive data and operations, Hoog identified a gap in robust, automated security validation tools. This insight led to the development of a specialized platform designed to proactively protect mobile apps against evolving cyber threats.

The company primarily serves enterprises that develop and deploy mobile applications, helping them manage security risks throughout the software development lifecycle. NowSecure's vision is to be the leading authority in mobile app security, ensuring that organizations can confidently deliver secure and compliant mobile experiences. It aims to empower businesses to protect their digital assets and customer data in an increasingly mobile-centric world.

High-Level Overview

NowSecure builds a SaaS platform for mobile app risk management (MARM), automating security testing for apps built in-house, managed, or on BYOD devices to prevent data leakage, unauthorized access, and compliance risks.[1][2][3] It serves enterprises in sectors like banking/finance, defense, healthcare, government, and aerospace, with over 100 customers including Capital One, Citigroup, Shell, Home Depot, U.S. Department of Justice, and U.S. Air Force, solving vulnerabilities in mobile apps via static/dynamic analysis, SCA, and runtime testing against OWASP standards.[1][2][3][5] The company shows strong growth through a 2019 funding round of $19M, integrations with CI/CD pipelines like GitHub and AWS, and adoption in federal cybersecurity programs like AppVet.[2][3][5][7]

Origin Story

NowSecure originated as viaForensics, a Chicago-based firm founded in the U.S. with a mobile-only focus rooted in forensics and enterprise security.[1][2] Key figures include Andrew Hoog (Founder & Board Member), Alan Snyder (CEO), David Weinstein, and Katie Bochnowski, alongside early expertise in authoring five technical books on Android/iOS security and developing open-source tools.[1][2][6] The pivotal shift came in 2014 when viaForensics launched viaProtect at RSA Conference, emphasizing device/app protection, leading to a rebrand as NowSecure to reflect broader enterprise focus; early traction built on tools like viaExtract (now NowSecure Forensics) used by law enforcement.[2]

Core Differentiators

• Unified Platform: Single SaaS solution for security, privacy, compliance across in-house and third-party apps, including SDK/endpoint risks, with automated testing-to-remediation workflows.[3][4]
• Advanced Testing: Dynamic runtime analysis on real devices reveals data leaks; combines static/dynamic/SCA/penetration testing (600+ tests) against OWASP, integrated into CI/CD via GitHub, Azure, AWS.[3][5][7]
• Developer-Friendly: Remediation suggestions in tickets, DevSecOps pipeline automation, reducing manual audits; open-source tools and community support from forensics heritage.[1][3]
• Proven Scale: Handles enterprise ecosystems, federal compliance (e.g., Executive Orders, Zero Trust), with customer testimonials on time savings and expertise gaps filled.[3][5][7]

Role in the Broader Tech Landscape

NowSecure rides the mobile app security surge amid rising BYOD, third-party app risks, and supply-chain threats, amplified by U.S. federal mandates like Cybersecurity Executive Orders requiring static/dynamic testing and Zero Trust for apps/devices.[5] Timing aligns with DevSecOps shifts, where CI/CD demands automated, scalable MARM to block data gateways in high-stakes sectors like finance and defense.[3][7] Market forces favoring it include OWASP standards adoption, public app store monitoring, and EMM/MDM integrations, positioning NowSecure to influence ecosystems via tools like AppVet for government and Platform One for DoD, enhancing broader supply-chain security.[1][5]

Quick Take & Future Outlook

NowSecure is primed for expansion in automated MARM as AI-driven threats and regulatory pressures (e.g., FISMA, EO guidelines) intensify mobile scrutiny.[5] Expect deeper AI integrations for predictive risk, broader cloud/edge coverage, and global federal wins building on DoD/DoJ traction.[2][5] Its forensics-to-platform evolution could shape industry standards, evolving from niche tester to essential DevSecOps layer amid exploding app ecosystems—securing the mobile frontier where data breaches start.[3][7]