Product development on our mobile app security testing platform, Codified Security Instant, has two principal drivers:
- optimising the product to fit with DevOps practices, where we focus on ease of integration and speed
- listening to what our users need to ship secure apps.
We’re really excited to announce the features in our newest release, 3.0, which are live now.
New to Version 3.0
We’re using a promising balance of traditional, hands-on security research, a crawler to check the internet for new app vulnerabilities, and machine learning to categorise and build new rules as part of our Overwatch research unit. These new rules are made up of our proprietary research, the Android Security update, and the CVE list, as well as other trusted sources. When the new rules are added to the engine, the apps in each user’s portfolio are tested again, and new vulnerabilities issue automatic alerts to our users.
Hide 3rd party frameworks
We know that a lot of the vulnerabilities and code samples are from 3rd party frameworks. To make it simple to focus on your code, we’ve made a toggle switch to hide these.
To make it easier to use Codified Security Instant in continuous integration, we built a new CLI binary. Take a look at our API documentation for further information.
Recommended fixes (beta)
Codified Security Instant will do further analysis to make recommendations for fixes and remediations (this feature is limited to Android & Xamarin).
Add more users
For anyone who needs to share our reports with other developers, departments, or external stakeholders, there’s now a way to add them to the account.
Our Xamarin support is now out of beta.
We are adding to the compliance rulesets as we continue to look into PCI-DSS and HIPAA rules. We’ve made it easier for users to engage compliance rules with a simple compliance selector.
We love to know what’s going to help you write secure code so please get in touch with us at [email protected] with any bright ideas!
Codified Security is here to help make your mobile app secure, whether it’s for iOS or Android, or to make sure you’re clearing the OWASP Mobile Top 10. For mobile app security testing in under a minute, try out Codified Security Instant.