Product
Announcing Ostorlab for Harness: Mobile Security Scanning in CI Pipelines
Ostorlab now integrates with Harness CI to run automated mobile application security scans inside CI pipelines. Using Harness Secrets and a simple Run step, teams can install the Ostorlab CLI and run ostorlab ci-scan run against the same build artifacts produced by the pipeline (e.g., Android APK, Android AAB, or iOS IPA). The integration helps bring security into CI by improving feedback speed and catching vulnerabilities earlier, with options to tailor scans via profiles (fast, full) and optional inputs like test credentials, SBOM, and UI prompts.
Mon 06 April 2026
How to Automate Security Testing Behind Login Walls (2FA & MFA)
Modern applications are more secure than ever, but that security introduces a major challenge. Wi...
Mon 30 March 2026
Announcing Ostorlab for Bitrise: Mobile security scans in your CI
Ostorlab now integrates with Bitrise to run automated mobile application security scans inside CI...
Fri 27 March 2026
Deep Agentic Scan (BYOK), New CI Integrations, Scan Filters & Performance
This release highlights Agentic Deep Scan with BYOK (Bring Your Own AI Key), adds Harness + Bitri...
Fri 27 March 2026
Ostorlab Launches Agentic Deep Scan: The next-generation vulnerability scanner
Ostorlab has launched Agentic Deep Scan, a next-generation vulnerability scanner that validates real-world risks in iOS, Android (soon harmonyOS), and web applications. With Bring Your Own Key (BYOK) support, teams can safely explore its powerful scanning capabilities while keeping full control of their data and costs.
Ostorlab 2025 Year in Review
2025 marked the turning point where AI in cybersecurity graduated from experimental prototypes to production-grade engines. In this retrospective, we explore how Ostorlab’s new AI Pentest Engine and AI Monkey Tester are already uncovering critical vulnerabilities in the wild, including a complex arbitrary file read chain in Signal for Android. From mapping global banking risks to orchestrating scans with OXO Titan, dive into the year we redefined what automated security testing can actually do.
Latest posts
Top Mobile App Security Testing Platforms 2026
Navigate the market for the Top Mobile App Security Testing Platforms 2026 by focusing on the criteria that actually matter for your delivery workflow. Our guide details exactly what to look for, including seamless CI/CD integration, powerful detection, and high-fidelity signal-to-noise ratios. Learn how to evaluate vendors on scalability, multiplatform support, and collaboration features to select a partner that secures your mobile releases without slowing you down.
Mon 05 January 2026
AI Pentest Upgrades, ServiceNow Integration, Redesigned Email Notifications, and Enhanced Platform Controls
This release delivers major advancements across the Ostorlab platform, including a significant upgrade to AI Pentest, enhanced web and mobile automation, a full-featured ServiceNow integration, redesigned email notifications, improved threat intelligence capabilities, and comprehensive access control enhancements with role and owner-based permissions.
Wed 17 December 2025
Mobile Benchmarking, Monkey Tester Reliability, and Deeper Web Crawling
This release introduces newly developed insecure mobile apps, improves the Monkey Tester for reliable prompt-based input during dynamic scans, and enhances the web crawler to explore deeper routes with faster performance. These improvements boost scanning coverage, accuracy, and reliability
Tue 23 September 2025
From Random to Intelligent: How AI-Powered Monkey Testing Achieves 10x Mobile App Coverage
Ostorlab’s AI Monkey Tester transforms mobile app security testing by using natural language prompts and generative AI to automatically generate intelligent, context-aware test scenarios, resulting in up to a 10x increase in application coverage compared to traditional, rule-based testing approaches.
Fri 01 August 2025
SSL Scanner Overhaul and Improved UI Call Coverage Powered by User-Defined Prompts
This release introduces major enhancements to our AI-powered UI exploration engine, delivering smarter and more adaptive dynamic scanning across modern applications. We've overhauled our SSL scanner to detect 15+ critical SSL/TLS vulnerabilities with improved precision, and rebuilt the taint analysis engine for deeper and more reliable vulnerability detection. The release also expands coverage for secrets detection, mobile misconfigurations, and modern CVEs. Across the board, platform performance has been refined for greater speed, stability, and accuracy.
Tue 22 July 2025
Know Your App's Data Habits: A Deep Dive into Our Comprehensive Privacy Analysis
Ostorlab's Privacy Scan automatically detects mismatches between what your app's privacy policy says and what it actually does. This comprehensive analysis of policy text, permissions, code, and UI elements helps mobile developers avoid compliance violations and build user trust through accurate privacy practices.
Tue 27 May 2025
Ostorlab Security Scanner GitHub Integration
The Ostorlab Security Scanner GitHub Integration enhances mobile app development workflows by embedding automated security directly into the CI/CD pipeline. It offers a GitHub Action for scanning mobile application on every code push. It adds inline vulnerability insights directly to pull requests, highlighting the exact code changes that introduced issues and suggesting one-click fixes developers can apply without leaving GitHub.
Wed 21 May 2025
Scan, Sync, Remediate: Ostorlab Meets Vanta for Faster Audits
This article announces the new integration between Ostorlab and Vanta, explains how it works, outlines the setup process, and highlights the key benefits for security and compliance teams.
Tue 20 May 2025