Does the Vendor have a mobile application that can access the clients data/application? If so, please describe how the mobile application code is validated for security risks?
Does the Vendor have a mobile application that can access the clients data/application? If so, please describe how the mobile application code is validated for security risks?
Yes, there is a pseudo mobile application that can access client data. However, the application is built on a framework called Ionic and is used as the interface for data on the web.
Web testing will also test the “mobile” version of the app since it is a single codebase.
