Support Corner: Securing Android Apps with Kiuwan

Dec 22, 2022

We’ve recently worked with several clients in the process of building mobile apps for their organizations.  As with desktop, IoT, cloud, and browser-based apps, it is critical to secure our mobile apps before deploying to production environments.  The Kiuwan platform helps us to shift security left, identify and fix issues well before its time to release to the Play Store.  

Kiuwan scans over 30 languages for security vulnerabilities.  This includes the languages used to build mobile apps today: Java, JavaScript, Swift, Objective-C, etc.  

Code scans are initiated by running the Kiuwan Local Analyzer (KLA) in your development environment, build server, or CI/CD pipeline.

After scanning with the KLA, results are displayed in the Kiuwan portal, along with all the details needed to fix each vulnerability.  The types of security issues uncovered could be information leaks, security misconfigurations, design errors, injection vulnerabilities, and others.

Support corner 1 Support Corner: Securing Android Apps with Kiuwan

Vulnerabilities may be specific to the language, or to the framework itself – in this case Android:

Support corner 2 Support Corner: Securing Android Apps with Kiuwan

While Kiuwan SAST focuses on vulnerabilities within our app’s source code, Kiuwan’s Software Composition Analysis identifies threats coming from Third Party dependencies:

Support corner 3 Support Corner: Securing Android Apps with Kiuwan

We could remediate each issue one by one.   But Kiuwan’s Action Plans help us efficiently prioritize security with time that’s available.  For example, if there are just 5 hours within a sprint to devote to app security, Kiuwan will identify the highest priority issues we can remediate within that time frame:

Support corner 4 Support Corner: Securing Android Apps with Kiuwan

Overall, Kiuwan enables us to identify, prioritize, and fix security issues before releasing an Android app to Play Store or elsewhere.  This saves time, effort, energy, and continually improves the security of our app as part of any existing development process.

Contact us to get started with code security scanning today!

Get your FREE demo of Kiuwan Application Security today!

Identify and remediate vulnerabilities fast and efficient scanning and reporting. We are compliant with all security standards tailored packages for your team to mitigate your cyber risk within the SDLC.