Appicaptor

Framework for App Security Tests

App Testing Technology provided by

Which apps are safe to install on the company tablet or smartphone? Allowing the staff to use apps indiscriminately may endanger the company’s own security. Many app developers do not have sufficient IT security knowledge, which frequently leads to inadvertent vulnerabilities. App stores may check for malware, but specific app security features and correct implementation are not the subject of verification. Fraunhofer SIT has developed the “Appicaptor” test framework exactly with this scenario in mind, giving enterprises an opportunity to automatically check whether apps are compliant with their IT security policy.

Using mobile devices harbors both chances and risks for enterprises. Apps represent a major threat. They are developed within a very short time, and frequently basic security functions contain security vulnerabilities or implementation errors. For reasons of efficiency, parts of the software code are often being recycled such as modules for individual app functions. The errors of one developer are thus sometimes propagated to other apps. Experienced attackers take advantage of this and target such vulnerabilities specifically, for example to steal passwords or corporate secrets.