Abir Jelti

Digital Marketer LinkedIn

Abir is a digital marketer at Ostorlab. She focuses on mobile application security testing, producing educational and data-driven content around vulnerabilities, security practices, and real-world testing insights. Her work is grounded in in-depth research and is reviewed for technical accuracy and reproducibility by the Ostorlab engineering team. She contributes to making security findings clear, structured, and actionable.

Articles by Abir Jelti

Agentic harnesses change what an LLM can do in mobile app security testing. On its own, a model can name likely risks such as insecure storage, exposed secrets, risky permissions, vulnerable SDKs, backend issues, and privacy exposure, but the app may remain untouched. With the right tools, context, memory, prompts, execution loops, and runtime feedback around it, the model can inspect the app package, observe behavior, follow traffic, connect signals, and leave behind evidence a security team can review. From permission analysis to JEF-powered native exploitation, the difference is visible in the trace: app evidence, tool output, runtime proof, and reproducible steps instead of report-shaped text.

Product

Introducing Ostorlab App Vetting for the Agentic Era

Ostorlab has launched App Vetting, a mobile application risk assessment solution that helps teams...

Tue 16 June 2026

Engineering

Building an AI PR Reviewer Engineers Actually Trust

We built an AI-powered pull request reviewer, shut it down after hallucinations and false positiv...

Mon 08 June 2026

Security

DORA Compliance Checklist for Banking & Fintech: Audit-Ready Operational Resilience Validation

A DORA compliance checklist helps banking and fintech organizations evaluate operational resilien...

Wed 29 April 2026

Protecting mobile banking apps requires more than securing the client alone. This guide explores the risks across devices, networks, and backend systems, and explains why continuous mobile security testing is essential for protecting financial data and transactions.

Ostorlab now integrates with Harness CI to run automated mobile application security scans inside CI pipelines. Using Harness Secrets and a simple Run step, teams can install the Ostorlab CLI and run ostorlab ci-scan run against the same build artifacts produced by the pipeline (e.g., Android APK, Android AAB, or iOS IPA). The integration helps bring security into CI by improving feedback speed and catching vulnerabilities earlier, with options to tailor scans via profiles (fast, full) and optional inputs like test credentials, SBOM, and UI prompts.

Latest posts

How to Automate Security Testing Behind Login Walls (2FA & MFA)

Modern applications are more secure than ever, but that security introduces a major challenge. With the widespread adoption of Two-Factor Authentication (2FA) and Multi-Factor Authentication (MFA), automated security testing often stops at the login stage. As a result, automated testing often fails to reach the parts of the application where real user activity and risk exist.

Mon 30 March 2026