Articles on: Product Related

Appknox mDevSecOps

Appknox platform now supports CLI to enable you to set up a complete continuous integration (CI/CD) with Appknox Tool for your mobile application’s security needs. This can be easily achieved by integrating Appknox CLI in your development CI/CD pipeline.
After integrating Appknox into a CI/CD workflow, teams can achieve a complete cycle from uploading the mobile app binary to reporting the vulnerabilities and performing reaudit at a much faster pace.


Appknox CI/CD Model


Benefits of continuous integration with Appknox:
● Reduced human effort and intervention
● Developer friendly and easy setup process
● Efficient and less effort
● Faster Turn around
● Always up to date on security for each and every build


**Integration Instructions **


Prerequisites:
● cURL(or equivalent) to download the Appknox CLI binary


Steps of setup:

  1. Get Personal Access Token from Appknox dashboard from the below link:
    https://secure.appknox.com/settings/developersettings




  1. Download the appknox binary with the following command:



  1. Set an environment variable APPKNOX_ACCESS_TOKEN with the personal token.
    For example:



  1. Use the command appknox upload <assert> to upload the respective file to Appknox.
    For example: For Android, applications do the below:



  1. To check if your file contains any vulnerabilities with the risk greater than or equal to
    when the static scan is completed after the file upload. Use the following command. E.g.:



Tip: You can combine the upload and cicheck command as below:



The above command will list down all the vulnerabilities equal to or above the specified
risk threshold and will exit with an error status.


Updated on: 01/15/2020

Was this article helpful?

Share your feedback

Cancel

Thank you!