Detect security risks inside Android / iOS application, provide advices on security issues found, and help developers understand and improve the security of their development programs.
Contact SalesiJiami divides mobile application security detection into static analysis and dynamic analysis, involving over 100 risk points in application security, source code security and data security and provides users with security detection reports.
During static detection, static analysis tools, such as apktool, dex2jar, jd-gui, smali2dex, are used to decompile the application. The decompiled java files, xml files, etc. are statically scanned and analyzed. Codes with potential safety problems are extracted by keyword search and other static methods, and then are stored in the background of the detection platform to provide data basis for subsequent security detection reports.
During dynamic detection, the installation and operation of applications are monitored and analyzed with the sandbox model and virtual machine, etc. The execution process of the application are observed from the outside to record the malicious behaviors displayed by the application.
More than 100 security detection items are used to evaluate the application comprehensively.
Combination of static and dynamic inspection techniques to improve inspection accuracy.
Detection reports are generated automatically to reflect the security risks and provide suggestions for solutions.