Mobile App Security Testing Companies | Top Firms

1. Microminder CS

Microminder CS is a distinguished infosec consultancy headquartered in London, United Kingdom, with additional offices in Dubai, Ireland, the Netherlands, South Africa, India, and across the Middle East, enabling us to serve clients globally.

As a CREST-certified firm, we specialise in both offensive and defensive security solutions, consistently striving to deliver innovative and actionable intelligence to our clientele.

Our team has tested over 11,000 web and mobile applications, securing more than seven million users worldwide. In our recent penetration tests, vulnerabilities were identified in 99% of cases, with 59% classified as critical or high risk. Over the past year alone, we have successfully remediated 9,000 business risks, with 40% of these related to access and authentication issues.

We are one of the best mobile application security testing companies in the UK, so we have established ourselves as a leading provider of high-quality penetration testing services. Our meticulous mobile app penetration testing service is divided into four distinct stages:

Intelligence Gathering: We collect comprehensive information about the mobile application to understand its functionality and potential vulnerabilities.

Mobile App Analysis: Our experts conduct an in-depth examination of the application's architecture and design to identify weaknesses.

Exploitation of Vulnerabilities: We simulate real-world attacks to assess the application's resilience against potential threats.

Reporting: A detailed report is provided outlining identified vulnerabilities and recommended remediation strategies.

Our mobile testing services thoroughly examine critical aspects, including public network communication, data storage, architecture and design, authentication and session management, and error codes.

Our Clients Are Happy

"Great service and always helpful. I would highly recommend their services." — Robbany Khan.

"Microminder has provided our IT support for a long time, and they are always really helpful and knowledgeable when calling for assistance. We have recently experienced a lot of network issues that have required an engineer to attend our practice as they could not be resolved remotely. The engineer (Aiden) is always efficient and professional and resolves issues quickly. We would definitely recommend Microminder to others." — Marie Laura.

"Microminder ALWAYS sorts it out when I can't. And they're very patient with me." — Rebecca Shalloe.

"Great service from the Microminder team, all the time whenever we need them, their IT services are simply the best, and we can really rely on their support whenever we need them. I have been using them for years, and they are the friendliest IT professionals I have ever come across. Cannot thank them enough." — Najeeb Hussain.

For comprehensive mobile app security testing, contact our team today.

Headquarters: London, UK
Founded: 1984
Email Address: info@micromindercs.com
Website: https://www.micromindercs.com/
Contact: +44 203-336-7200
Address: 8a Wadsworth Rd, Perivale, London, England UB6 7JD, GB
Specialisation: App Security Testing, Web Application Testing, Source Code Review, Mobile Threat Defence 

2. Checkmarx

Trusted by more than 1,800 customers, including 40% of Fortune 100 companies such as Siemens, Airbus, Salesforce, Stellantis, Adidas, Walmart, and Sanofi, Checkmarx delivers enterprise-grade mobile app protection with speed and efficiency. Its customers report a 90% reduction in noise, a 50% increase in developer productivity, and a 177% return on investment as a result of its expert services.

Supporting over 75 technologies and languages across 70 countries, Checkmarx has been recognised with industry awards, including the 2023 Gartner Peer Insights Customers' Choice for application security testing and a leadership position in the 2023 Gartner Magic Quadrant.

Headquarters: New Jersey, USA
Founded: 2006
Email Address: N/A
Website: https://checkmarx.com/
Contact: +972 3758-1816
Address: 140 E. Ridgewood Avenue, Suite 415, South Tower, Paramus, NJ 07652
Specialisation: AppSec, Application Security Testing, Software Composition Analysis, Developer Training, DevSecOps

3. NowSecure

Drawing on insights from more than 8 million automated mobile assessments and 11,000 expert penetration tests, NowSecure conducts over 4,000 automated assessments daily, identifying more than 20,000 vulnerabilities. NowSecure supports organisations in building scalable mobile application security programmes. The team provides the visibility, efficiency, and risk management needed to protect mobile initiatives effectively.

They also offer certification for critical standards, including OWASP MASVS, ADA MASA, IoXt for IoT-connected mobile applications and VPNs, and NIAP Mobile App Protection Profile for federal requirements.

Headquarters: Illinois, USA
Founded: 2009
Email Address: support@nowsecure.com
Website: https://www.nowsecure.com/
Contact: +1 312-878-1100
Address: 141 West Jackson Boulevard, Suite 1325, Chicago, IL 60604
Specialisation: DevOps, Mobile Pen Testing, Secure Mobile App Development, Mobile App Vetting

4. TestMatick

Since 2009, TestMatick has been providing software testing services, helping firms across various industries maintain high standards of quality. The company is headquartered in the USA, with development branches across Europe supporting organisations that deliver reliable software solutions.

The team provides mobile app testing services focused on functionality, performance, and compatibility to ensure smooth user experiences on both iOS and Android. With a team of over 150 skilled QA engineers, TestMatick brings together expertise in computer science, electronics, management information systems, and business sectors.

Headquarters: New York, USA
Founded: 2009
Email Address: contact@testmatick.com
Website: https://testmatick.com/
Contact: +1 212-203-8264
Address: 276 5th Ave Suite 704, New York, NY 10018
Specialisation: Mobile Apps Testing, Web Apps Testing, Automated Testing

5. App-Ray

Established in 2015 in Vienna, Austria, App-Ray has spent years refining two advanced analysis methods: static application security testing (SAST) and dynamic application security testing (DAST). These techniques identify over 80 types of susceptibilities, including data management flaws and privacy risks. Recently, the team has worked with clients to develop applications featuring the Aviator slot from SPRIBE and address concerns about user safety.

Its expertise spans mobile app safety evaluation, code hardening, real device testing, and backend security assessments. The team also focuses on risk assessment, log analysis, network protection, software fuzzing, and IoT protection.

Headquarters: Vienna, Austria
Founded: 2015
Email Address: support@app-ray.co
Website: https://app-ray.co/
Contact: N/A
Address: N/A
Specialisation: Mobile Security Testing 

6. Data Theorem

By leveraging Data Theorem’s modern approach, customers have successfully scaled their protection strategies to match today’s fast-paced development models. These capabilities allow teams to identify risks across every layer of an application stack. The agency's user base is massive, including some of the largest financial institutions.

The team’s expertise has earned recognition, including the Global InfoSec Award for mobile protection at RSA Conference 2024. Additionally, Data Theorem’s CNAPP and mobile SDK were named among the top solutions for cloud and mobile API threat protection in 2023.

Headquarters: California, USA
Founded: 2013
Email Address: info@datatheorem.com
Website: https://www.datatheorem.com/
Contact: +1 415-763-7331
Address: Data Theorem, Inc., 532 Emerson St, Palo Alto, CA 94301
Specialisation: Mobile Security, Data Privacy, Android, iOS, Windows Phone, SaaS, API Protection, Lambda, Cloud Functions

7. Pradeo

Pradeo has been recognised as a strong performer in the 2023 Gartner Peer Insights Voice of the Customer for Mobile Threat Defence. Its next-generation engine, powered by artificial intelligence, delivers highly accurate mobile app threat detection. Over the years, the Pradeo Intelligence Centre has gathered extensive mobile security data, implemented numerous detection rules, and identified a vast number of severe threats and data-leaking behaviours.

In addition, Pradeo Mobile Threat Defence helps clients simplify management and reporting. It enables CISOs and workplace managers to oversee mobility and application safety effortlessly.

Headquarters: Paris, France
Founded: 2010
Email Address: N/A
Website: https://pradeo.com/
Contact: +33 467-209-911
Address: 71 Pl. Vauban, 34000 Montpellier, France
Specialisation: Enterprise Mobility Management (EMM), In-App Protection, App Security Testing, Mobile Threat Defence

8. QA Mentor

QA Mentor, established in 2010, helps organisations across various sectors enhance their quality assurance processes. Headquartered in New York, the company operates from eight offices worldwide and holds CMMI Level 3 SVC + SSD v1.3 appraisals, along with ISO 27001:2013, ISO 9001:2015, and ISO 20000-1 certifications.

With a team of 350 offshore and onshore professionals working across time zones, QA Mentor supports 476 clients, ranging from startups to Fortune 500 companies. By offering adaptable testing solutions through a hybrid approach, the team delivers tailored, on-demand services that meet industry needs while maintaining cost efficiency and high standards.

Headquarters: New York, USA
Founded: 2010
Email Address: support@qamentor.com
Website: https://www.qamentor.com/
Contact: +1 212-960-3812
Address: QA Mentor, Inc., 1441 Broadway, 3rd Floor, New York, NY 10018 USA
Specialisation: QA Advisory Consultancy, Agile Testing, Big Data, Internet of Things, Disaster Recovery, Failover Testing, Functional Testing

9. Veracode

For nearly two decades, Veracode has provided solutions that help firms secure their software throughout the development life cycle. With capabilities such as Veracode Fix, software composition analysis, application defence posture management, malicious package detection, and penetration testing, the team enables organisations to identify and mitigate risks effectively.

As applications evolve, Veracode continues to introduce AI-driven innovations, ensuring businesses can build and deploy secure software across code, containers, and cloud environments. Used by thousands of development and security teams worldwide, Veracode delivers accurate insights into exploitable risks, facilitating real-time remediation and reducing security debt at scale.

Headquarters: Massachusetts, USA
Founded: 2006
Email Address: support@veracode.com
Website: https://www.veracode.com/
Contact: +1 877-837-2203
Address: 65 Blue Sky Dr, 3rd Floor, Burlington, Massachusetts 01803, US
Specialisation: Web Application Security, Vendor Application Protection Evaluation, Software Composition Analysis

10. a1qa

With a presence in 39 countries and the trust of over 800 clients, a1qa provides software testing services around the clock, adapting seamlessly to different time zones and client needs.

Since 2003, the team has maintained an unbiased approach to quality, assisting businesses of all sizes, including Fortune 500 companies, in delivering high-performing software. By focusing on quality assurance and testing across all types of software, from PPAs to custom-built solutions in any environment, a1qa helps businesses enhance their products and customer experiences. The team has earned ISO certification and has a lot of experience in the industry.

Headquarters: Georgia, USA
Founded: 2003
Email Address: N/A
Website: https://www.a1qa.com/
Contact: +1 720-207-5122
Address: 160 Clairemont Ave, Suite 200, Decatur, GA 30030
Specialisation: Web Testing, Software Quality Assurance, Mobile Testing, Performance Testing