Your Mobile Security Testing Tool

Automated mobile application security testing identify vulnerabilities, mitigate risks, comply with regulations whether you are developer, CISO, CEO.

Get your free scan

Your Mobile Security Testing Tool

Automated mobile application security testing identify vulnerabilities, mitigate risks, comply with regulations whether you are developer, CISO, CEO.

Get your free scan

Your Mobile Security Testing Tool

Automated mobile application security testing identify vulnerabilities, mitigate risks, comply with regulations whether you are developer, CISO, CEO.

Get your free scan

Your Mobile Security Testing Tool

Automated Mobile Application Security Testing Identify vulnerabilities, mitigate risks, comply with regulations whether you are developer, CISO, CEO.

Get started free
We protect your apps and data from risks of cyber attacks.

Fast-paced development and rapid delivery often results in potential flaws and vulnerabilities in your apps. We help you identify and remediate threats and vulnerabilities in applications your company builds or downloads from third parties.

SECURE INFRASTRUCTURE

We check apps from unknown sources, app reputation service with EMM – MDM / MAM – integration and more.

App-Ray provides a way to evaluate apps and find threats before your data are affected:

Set up security rules for your device

Prevent malicious apps from being installed

Learn about vulnerabilities in your own or 3rd-party applications

Integrate with the most widely used EEMs – such as MobileIron and Airwatch

SECURE APP DEVELOPMENT

CI, SDLC, Jenkins, JIRA support, checking 3rd-party libraries, SDKs and compliance.

With App-Ray you can secure your applications by integrating vulnerability analysis into your building process.

Our REST API provides an elegant and automatized way to trigger analysis whenever you need it, and trigger actions if issues are detected, in order to prevent faulty or vulnerable releases. Test your online services against the highest security standards, export JIRA tickets for vulnerabilities and delegate issue-related tasks.

CORPORATE DATA PROTECTION

Monitor data access, prevent data leaks, analyze data flows.

App-Ray maps data flows and identifies data leakage threats – before you put your data at risk. Our advanced technology satisfies as strict standards as military and government-level requirements:

Leverage App-Ray’s sophisticated methods to map data flow

Analyze the entire network traffic, including encrypted communication

Debug API calls

Prevent data leaks

Multiple analysis techniques

Static code analysis tells you
with actionable results

Coding problems (e.g. SQL injections, deprecated API usage)
Encryption related issues (SSL/TLS problems)
Capability & data leaks
Anti-debugging techniques

Dynamic, behaviour-based analysis shows

Unmodified & instrumented testing Network communication File access

Multiple analysis techniques

Static code analysis tells you with actionable results

  • Coding problems (e.g. SQL injections, deprecated API usage)
  • Encryption related issues (SSL/TLS problems)
  • Capability & data leaks
  • Anti-debugging techniques

Dynamic, behaviour-based analysis shows

  • Unmodified & instrumented testing
  • Network communication file access
Multiple analysis techniques

Static code analysis tells you with actionable results

  • Coding problems (e.g. SQL injections, deprecated API usage)
  • Encryption related issues (SSL/TLS problems)
  • Capability & data leaks
  • Anti-debugging techniques

Dynamic, behaviour-based analysis shows

  • Unmodified & instrumented testing
  • Network communication File access
Try App-Ray

Get a fast static scan of your app for free.

Learn more
+
scanned apps
+
clients
+
issues found
FAQ

What languages and platforms does App-Ray scanner support?

We support Android and iOS for now.

What email notifications will I get from App-Ray?

App-Ray keeps customers up to date with scan and overall service status via email notifications. App-Ray users will receive emails when: Password is changed, Scan is submitted, and Scan has completed.

I received an email saying there was an issue scanning my application. What should I do?

App-Ray usually sends a scan failure email if issues are encountered scanning your application. Our engineering team will work with you to resolve any issues like this and ensure scan success.

What is DAST and SAST? Does App-Ray do both?

DAST Stands for Dynamic Application Security Testing while SAST stands for Static Application Security Testing. App-Ray does both.

What flaw categories do you look for?

The flaw categories we look for increases all the time. Examples of flaw categories that are scanned for include:

  • Input Validation: Command Injection, SQL Injection, Cross-Site Scripting, Log Forging, CRLF Injection, Path Manipulation
  • Memory Corruption: Stack/Heap Overflow, Format String Vulnerability, Unchecked Array Indexing, Improper Null Termination
  • Numeric Errors: Integer Overflow/Underflow, Signed-to-unsigned Conversion, Off-by-one Error, Numeric Truncation
  • Cryptographic Issues: Hardcoded Crypto Keys, Failure to Encrypt Sensitive Data, Insufficient Entropy
  • Others: Hardcoded Passwords, Missing XML Validation, Unchecked Return Value, Information Leakage, Malicious Code and Backdoors, Rootkit-like Behavior, Time Bombs, Anti-Debugging, Data Exfiltration, Code and Data Anomalies

Do you need my source code?

Not at all. App-Ray is operating by using your binaries only. Based on that we do an automated reverse engineering, disassembling and then we provide you the scan results.

Why should I use App-Ray instead of a source code analyzer?

App-Ray is about to change the world of mobile application development by solving this application security challenge in a fundamentally different and better way. Our cloud-based application risk management services platform offers the industry’s most comprehensive, fastest, very accurate and easy to use application security testing services. Our innovative binary analysis technology and delivery model allow those who develop software and those who purchase software to cost-effectively assess and manage risk from their software infrastructure be it internally developed, outsourced, open source or commercial applications.

Is App-Ray available on-premises, as well or SaaS only?

App-Ray is available on-premises as well. On-site installation is very fast and straightforward – usually takes up 2 hours and also remote installation is possible.

How long will it take to get my results?

App-Ray performs a fully automated scan on uploaded applications, including constructing a model of the data and control flow and identifying any flaws. The turnaround time depends on the size and complexity of the application, but on average App-Ray analyzes 90% of all uploaded applications in ten minutes or less (in case you need it faster, contact us … ).

I like the App-Ray web interface, but I do all my work in my IDE. Can you show me the results there?

App-Ray provides APIs for uploading applications and viewing results, and includes reference integrations to several bug tracking systems and integrated development environments, including Jira, Jenkins, etc.

Find out more
Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from Youtube
Vimeo
Consent to display content from Vimeo
Google Maps
Consent to display content from Google