Lab Automated allows security professionals, quality assurance teams, and development groups to automate mobile app security testing to find and fix flaws more quickly and easily than ever before.
After announcing the release last month, we’re excited to share updates about new tests within this powerful tool.
Added tests for iOS and Android
AFNetworking Implementation (iOS)
This test checks the implementation setting of the AFNetworking library, which allows developers to add networking functionality into their applications. This vulnerability was patched as of version 2.5.2, however, if an older version is used, all SSL traffic can be intercepted and decrypted in a standard man-in-the-middle attack.
System Log Messages (iOS)
Lab Automated has executed the system logs artifact test on Android apps for a while and now the same test can be performed on iOS apps. Debug logs are designed to detect and correct flaws in an application. These logs can also leak sensitive information that may help an attacker create a more powerful attack. The system log messages detected in an app are also now displayed in the UI.
Increased search coverage (Android)
Lab Automated allows users configure their tests to surface important search terms such as personal information, login credentials, GPS coordinates, payment information and more. Now, Lab Automated can surface search terms found within Local Application (/data/data/) files and on the SD Card.
Files Stored on SD Card (Android)
This check determines if files are stored at an external location. External storage, such as an SD card, lacks fine-tuned permissions, which allows any app to access and read files in external storage by default.
A more intuitive dashboard experience
To help users quickly sort and filter a large volume of apps and assessments in the Lab Automated dashboard, we’ve added the ability to sort apps by upload date, app name, and package name.
See video walkthroughs to learn more
The videos in the playlist above offer a quick walk-through of Lab Automated. After watching the videos, you’ll understand how easy it is to run an assessment, view a report, or integrate tools like Github. For a more in-depth demo, contact us today.