Appknox mDevSecOps
Appknox platform now supports CLI to enable you to set up a complete continuous integration (CI/CD) with Appknox Tool for your mobile application’s security needs. This can be easily achieved by integrating Appknox CLI in your development CI/CD pipeline.
After integrating Appknox into a CI/CD workflow, teams can achieve a complete cycle from uploading the mobile app binary to reporting the vulnerabilities and performing reaudit at a much faster pace.
Benefits of continuous integration with Appknox:
● Reduced human effort and intervention
● Developer friendly and easy setup process
● Efficient and less effort
● Faster Turn around
● Always up to date on security for each and every build
Integration Instructions
Prerequisites:
● cURL(or equivalent) to download the Appknox CLI binary
Steps of setup:
Get Personal Access Token from Appknox dashboard from the below link:
https://secure.appknox.com/settings/developersettings
Download the appknox binary with the following command:
Set an environment variable APPKNOX_ACCESS_TOKEN with the personal token.
For example:
Use the command appknox upload <assert> to upload the respective file to Appknox.
For example: For Android, applications do the below:
To check if your file contains any vulnerabilities with the risk greater than or equal to
when the static scan is completed after the file upload. Use the following command. E.g.:
Tip: You can combine the upload and cicheck command as below:
The above command will list down all the vulnerabilities equal to or above the specified
risk threshold and will exit with an error status.
After integrating Appknox into a CI/CD workflow, teams can achieve a complete cycle from uploading the mobile app binary to reporting the vulnerabilities and performing reaudit at a much faster pace.
Benefits of continuous integration with Appknox:
● Reduced human effort and intervention
● Developer friendly and easy setup process
● Efficient and less effort
● Faster Turn around
● Always up to date on security for each and every build
Integration Instructions
Prerequisites:
● cURL(or equivalent) to download the Appknox CLI binary
Steps of setup:
Get Personal Access Token from Appknox dashboard from the below link:
https://secure.appknox.com/settings/developersettings
Download the appknox binary with the following command:
Set an environment variable APPKNOX_ACCESS_TOKEN with the personal token.
For example:
Use the command appknox upload <assert> to upload the respective file to Appknox.
For example: For Android, applications do the below:
To check if your file contains any vulnerabilities with the risk greater than or equal to
when the static scan is completed after the file upload. Use the following command. E.g.:
Tip: You can combine the upload and cicheck command as below:
The above command will list down all the vulnerabilities equal to or above the specified
risk threshold and will exit with an error status.
Updated on: 01/15/2020
Thank you!