The following types of analysis are performed to assess the security of the application and its backend:
Ostorlab performs analysis of the binary to identify security weaknesses. The security scanner performs analysis on the Dalvik Bytecode for Android and ARM assembly instructions for both Android and iOS.
Ostorlab executes and monitors the mobile application interactions with the filesystem, network and APIs to detect any vulnerable behavior.
Ostorlab performs guided fuzzing to detect malicious that can exploit a vulnerability in the mobile application and backend servers.
Ostorlab Mobile Security Scanner supports the following platforms and frameworks:
Scan report contains technical descriptions of identified vulnerabilities and fix recommendations
This view provides relevant information about the application, the scan and the vulnerabilties identified.
The reports measures a global risk barometer and scan code coverage percentage
The vulnerability details contains the following sections: