Security

Ostorlab is a community effort to build a mobile application vulnerability scanner to help developers build secure mobile applications. One of the new key components of the scanner detection capabilities is a new shiny static taint engine for Android Dalvik Bytecode that was heavily optimized for performance and low false positives.

Product

We are pleased to announce a set of new improvements

Security

We have been for the last few months hard at work developing a new scan engine to identify new classes of vulnerabilities. The new scan engine is capable of identifying SQL injections, intent hijacking, insecure random seed, insecure cryptography etc.

Security

Hybrid frameworks like Cordova offers the advantage of building one app for multiple platform (support for Android, iOS, Windows Phone, FireOS, FirefoxOS ...) . The framework is easy and fast to develop with and offers generally a single API for all platforms.

Security

Before we get into SQL injections and what might go wrong, we'll start by covering some technical information on Content Providers...

Engineering

For an Android developer, it has become standard practice to use external libraries to easily extend the functionalities of the mobile application . Thanks to Gradle easy dependency integration, features like HTTP frameworks, database ORM, fancy scrolling, efficient image loading, caching, social network integration and many others can be added easily.

Security

Google will start identifying security weaknesses in Apps pushed to the Play Store...

Engineering

At Ostorlab we scan hundreds of Mobile Applications each day, each scan is very resource intensive but at the same time, since the beginning, we had to optimize the code for speed and maximize use of cloud resources.