Articles on: Product Related

Appknox mDevSecOps

Appknox platform now supports CLI to enable you to set up a complete continuous integration (CI/CD) with Appknox Tool for your mobile application’s security needs. This can be easily achieved by integrating Appknox CLI in your development CI/CD pipeline.

After integrating Appknox into a CI/CD workflow, teams can achieve a complete cycle from uploading the mobile app binary to reporting the vulnerabilities and performing reaudit at a much faster pace.


Appknox CI/CD Model


Benefits of continuous integration with Appknox:

● Reduced human effort and intervention

● Developer friendly and easy setup process

● Efficient and less effort

● Faster Turn around

● Always up to date on security for each and every build


**Integration Instructions **


Prerequisites:

● cURL(or equivalent) to download the Appknox CLI binary


Steps of setup:

  1. Get Personal Access Token from Appknox dashboard from the below link:

https://secure.appknox.com/settings/developersettings




  1. Download the appknox binary with the following command:



  1. Set an environment variable APPKNOX_ACCESS_TOKEN with the personal token.

For example:



  1. Use the command appknox upload <assert> to upload the respective file to Appknox.

For example: For Android, applications do the below:



  1. To check if your file contains any vulnerabilities with the risk greater than or equal to

when the static scan is completed after the file upload. Use the following command. E.g.:



Tip: You can combine the upload and cicheck command as below:



The above command will list down all the vulnerabilities equal to or above the specified

risk threshold and will exit with an error status.


Updated on: 01/15/2020

Was this article helpful?

Share your feedback

Cancel

Thank you!