NowSecure

NowSecure

Speciality: Mobile Application Penetration Testing

Chicago, United States 107 employees
[01] About

Cybersecurity company specializing in mobile app security testing and risk management; 73 employees, $25.4M annual revenue, founded 2009 in Chicago, Illinois; $27.5M funding; offers penetration testing services including mobile app penetration testing and PTaaS; ranked #552,411 globally; active in industry news and social media.

NowSecure is the leader in Mobile Application Risk Management, providing automated and human-augmented testing solutions that deliver speed, depth, and accuracy to protect the mobile ecosystem. Trusted by hundreds of enterprises, government agencies, and global brands, NowSecure helps organizations accelerate mobile innovation while managing security and privacy risks with confidence.
[02] Services
Mobile Application Risk Management
Automated Mobile App Testing
Human-augmented Mobile App Testing
Mobile App Penetration Testing
Penetration Testing As A Service (ptaas)
Devsecops Testing
Business Risk Testing
Mobile App Privacy Testing
Adversarial Testing
Compliance And Privacy Testing
Third-party App Testing
On-premises Testing
Mobile App Security Consulting
Continuous Education And Training
[03] Certifications
ISO/IEC 17025:2017
SOC 2 Type 2

SOC 2 Type 2 Certification


Origin


SOC 2 (System and Organization Controls 2) was developed by the American Institute of Certified Public Accountants (AICPA) and introduced in 2011 as part of their Service Organization Control reporting framework. It was created to address the growing need for standardized security auditing as businesses increasingly moved their data and operations to third-party cloud service providers. The AICPA recognized that traditional financial auditing standards were insufficient for evaluating the security practices of technology service providers, prompting the development of SOC 2 to assess controls related to security, availability, processing integrity, confidentiality, and privacy based on their Trust Services Criteria.


Industry Importance


SOC 2 Type 2 certification is highly valued because it provides independent verification that a service provider has implemented and maintained effective security controls over a specified period (typically 6-12 months), rather than just at a single point in time like Type 1. This certification has become an essential requirement for vendors handling sensitive customer data, as it demonstrates to clients and stakeholders that robust security measures are consistently in place. Many enterprises now require SOC 2 Type 2 reports from their vendors as part of their third-party risk management programs, making it a competitive necessity for SaaS companies, cloud providers, and data processors seeking to build trust and win business with security-conscious organizations.

[05] Notable Clients
  • Bell Canada
  • Warner Bros Discovery
  • Velentium
  • Yellow Card
  • Department of Justice
  • Habit Mastery
  • Camelot Lottery Solutions
  • Lifeomic
  • Caribou Coffee
  • MyOwnMed
  • Vaporstream
  • US Marshals Service
  • EveryoneSocial