Product
Introducing Ostorlab’s Single Vulnerability Assessment and Dig Deeper
Ostorlab is launching a powerful, highly targeted AI orchestration engine accessible through two distinct UI workflows: Single Vulnerability Assessment (SVA) and Dig Deeper. While both features share the exact same underlying AI logic, capabilities, and "Bring-Your-Own-Key" structure, they are tailored for different entry points in your workflow. SVA is launched as a fresh, standalone scan for targeted, cost-efficient assessments, fix validations, or bug bounty verifications. Dig Deeper is triggered directly from an existing finding within a scan report to instantly investigate false positives or trace exploit paths. Together, they give teams surgical control over how they test and validate individual vulnerabilities.
Tue 02 June 2026
Single Vulnerability Assessment (SVA), Dig Deeper, Scan Report PDF Design Improvement & Multilanguage Support
This release introduces Single Vulnerability Assessment (SVA) for targeted validation, Dig Deeper...
Mon 01 June 2026
Introducing HarmonyOS App Scans + Huawei AppGallery Scans
Find a vulnerability scanner for HarmonyOS apps and Huawei AppGallery releases: Ostorlab adds aut...
Mon 20 April 2026
Announcing Ostorlab for Harness: Mobile Security Scanning in CI Pipelines
Ostorlab now integrates with Harness CI to run automated mobile application security scans inside...
Mon 06 April 2026
How to Automate Security Testing Behind Login Walls (2FA & MFA)
Modern applications are more secure than ever, but that security introduces a major challenge. With the widespread adoption of Two-Factor Authentication (2FA) and Multi-Factor Authentication (MFA), automated security testing often stops at the login stage. As a result, automated testing often fails to reach the parts of the application where real user activity and risk exist.
Announcing Ostorlab for Bitrise: Mobile security scans in your CI
Ostorlab now integrates with Bitrise to run automated mobile application security scans inside CI workflows. Using a Bitrise Secret plus a simple Script step, teams can install the Ostorlab CLI and run ostorlab ci-scan run against the same build artifacts produced by the pipeline (e.g., Android APK, Android AAB, or iOS IPA). The integration helps shift security left by shortening feedback loops and catching vulnerabilities earlier, with options to tailor scans via profiles (fast, full, agentic deep scan) and optional inputs like test credentials, SBOM, and UI prompts.
Latest posts
Deep Agentic Scan (BYOK), New CI Integrations, Scan Filters & Performance
This release highlights Agentic Deep Scan with BYOK (Bring Your Own AI Key), adds Harness + Bitrise CI documentation, introduces scan filtering by tags and owners, and delivers major performance improvements across tickets and scans.
Fri 27 March 2026
Ostorlab Launches Agentic Deep Scan: The next-generation vulnerability scanner
Ostorlab has launched Agentic Deep Scan, a next-generation vulnerability scanner that validates real-world risks in iOS, Android (soon harmonyOS), and web applications. With Bring Your Own Key (BYOK) support, teams can safely explore its powerful scanning capabilities while keeping full control of their data and costs.
Thu 19 March 2026
Ostorlab 2025 Year in Review
2025 marked the turning point where AI in cybersecurity graduated from experimental prototypes to production-grade engines. In this retrospective, we explore how Ostorlab’s new AI Pentest Engine and AI Monkey Tester are already uncovering critical vulnerabilities in the wild, including a complex arbitrary file read chain in Signal for Android. From mapping global banking risks to orchestrating scans with OXO Titan, dive into the year we redefined what automated security testing can actually do.
Wed 28 January 2026
Top Mobile App Security Testing (MAST) Platforms 2026 | Vendor Evaluations
Evaluate the best MAST tools for 2026. Compare Quokka, Zimperium, Data Theorem, NowSecure, and Ostorlab for CI/CD integration, AI threat detection, and SDK support.
Mon 05 January 2026
AI Pentest Upgrades, ServiceNow Integration, Redesigned Email Notifications, and Enhanced Platform Controls
This release delivers major advancements across the Ostorlab platform, including a significant upgrade to AI Pentest, enhanced web and mobile automation, a full-featured ServiceNow integration, redesigned email notifications, improved threat intelligence capabilities, and comprehensive access control enhancements with role and owner-based permissions.
Wed 17 December 2025
Mobile Benchmarking, Monkey Tester Reliability, and Deeper Web Crawling
This release introduces newly developed insecure mobile apps, improves the Monkey Tester for reliable prompt-based input during dynamic scans, and enhances the web crawler to explore deeper routes with faster performance. These improvements boost scanning coverage, accuracy, and reliability
Tue 23 September 2025
From Random to Intelligent: How AI-Powered Monkey Testing Achieves 10x Mobile App Coverage
Ostorlab’s AI Monkey Tester transforms mobile app security testing by using natural language prompts and generative AI to automatically generate intelligent, context-aware test scenarios, resulting in up to a 10x increase in application coverage compared to traditional, rule-based testing approaches.
Fri 01 August 2025
SSL Scanner Overhaul and Improved UI Call Coverage Powered by User-Defined Prompts
This release introduces major enhancements to our AI-powered UI exploration engine, delivering smarter and more adaptive dynamic scanning across modern applications. We've overhauled our SSL scanner to detect 15+ critical SSL/TLS vulnerabilities with improved precision, and rebuilt the taint analysis engine for deeper and more reliable vulnerability detection. The release also expands coverage for secrets detection, mobile misconfigurations, and modern CVEs. Across the board, platform performance has been refined for greater speed, stability, and accuracy.
Tue 22 July 2025