BLOG
The Appknox plugin for Azure provides fully-automated mobile app security & privacy testing optimized & integrated directly into the Azure DevOps pipeline.
- Posted on: Jan 23, 2020
-
2 Mins Read
- Last updated on: May 8, 2024
Appknox enables organizations to leverage CI/CD tools such as Azure DevOps, Jira, and GitHub to ship software faster and with higher quality. This extension enables automated mobile app security testing of Android and iOS mobile app binaries developed in any language, framework and further push the issues into CI/CD pipeline which can be fixed by your development team.
The extension adds the ability to perform automated app security testing and push the issues to Azure devops .
Introducing Azure
Plenty of developers who need to create, manage and deploy software on different platforms that contain multiple languages use Azure DevOps.
Why? Let’s take a step back to the basics. DevOps is a set of practices that automates the processes between the software development team and the IT team. This integration makes building, testing and releasing software faster and more reliable.
The Azure DevOps platform helps developers build, test and deliver faster, cleaner and more secure apps. It offers a range of tools and features that developers love like test plans, free and private Git repos, custom team dashboards and Kanban boards. This makes it a go-to platform for many developers.
What does the Appknox plugin do?
Many developers have CI/CD pipelines running on Azure, while they also leverage the Appknox platform.
The plugin helps developers integrate the two to take advantage of the features of both platforms. This enables them to build and test their code effortlessly.
The Appknox plugin for Azure provides fully-automated mobile app security and privacy testing (static, dynamic and behavioral analysis) optimized for and integrated directly into the Azure DevOps pipeline.
The solution can test software developed in any language and provides a complete analysis of the mobile app.
Developers can configure the CI/CD for a single project in one solution.
Key Benefits of the Appknox Extension for Azure?
By using the Appknox plugin, you stand to benefit from:
- It’s easy to set up with one-click integration.
- With this service, the build can be uploaded directly from the Azure pipeline to the Appknox dashboard.
- It facilitates automated mobile app security and privacy testing.
- It works on both Android and iOS mobile app binaries.
- It is compatible with apps developed in any language, framework or tool.
- It helps mobile app teams ensure that security and privacy are taken care of from development to deployment.
How to use the Appknox Plugin?
To use the Appknox plugin for Azure, you can follow the steps below:
Step 1: Task Parameters
You need the following parameters for the task:
|
param |
required |
description |
| filePath | true | Path to APK/IPA file |
| accessToken | true | Appknox API Access Token |
| riskThreshold | false | Risk level to fail the build. Available options are: low, medium, high, critical |
Step 2: Install the Plugin
Next, you can install Appknox plugin to your Azure organization.
Step 3: Add Appknox Task To Azure Pipeline
You can add an Appknox Task to your Azure Pipeline, like so:
- From Azure Pipelines ‘Edit’ page, search for the Appknox task in the Tasks tab.
- Here, configure the required parameters.
- The above configuration uses env variable $access_token, please set the value of it in the variables tab.
Step 4: View Output logs
The above task will upload the binary which will undergo Appknox automated scanning. The progress can be viewed in the pipeline build logs.
To illustrate, we’ve outlined a Pipeline for Android below:
Get the Appknox Plugin
You can download the Appknox plugin directly from the Azure marketplace. The plugin is compatible with Azure DevOps Services and Azure DevOps Server.
Conclusion: Appknox and Security
Before we wrap up, we want to touch briefly upon mobile app security.
Apps are at constant risk with vulnerabilities being exploited by hackers every 39 seconds!
One of the biggest problems lies in using uniform solutions across the board when in reality, all companies are different. Each one comes with its own unique problems and using generic solutions may escalate problems instead of solving them.
At Appknox, we understand this conundrum and function above it. We understand your unique problems by brainstorming with you. We then carefully analyze the issues and suggest solutions for your company.
Plus, we give you a dedicated account manager who will ensure the successful implementation of the solution.
You can rest assured that your apps are secure. If you’re interested in leveraging the benefits of Appknox, get in touch for a complimentary consultation!
