mobile
Know Your App's Data Habits: A Deep Dive into Our Comprehensive Privacy Analysis
Ostorlab's Privacy Scan automatically detects mismatches between what your app's privacy policy says and what it actually does. This comprehensive analysis of policy text, permissions, code, and UI elements helps mobile developers avoid compliance violations and build user trust through accurate privacy practices.
Tue 27 May 2025
Ostorlab Security Scanner GitHub Integration
The Ostorlab Security Scanner GitHub Integration enhances mobile app development workflows by embedding automated security directly into the CI/CD pipeline. It offers a GitHub Action for scanning mobile application on every code push. It adds inline vulnerability insights directly to pull requests, highlighting the exact code changes that introduced issues and suggesting one-click fixes developers can apply without leaving GitHub.
Wed 21 May 2025
New OWASP Mobile Top 10
Release of new OWASP Mobile Top 10 with improvements, updates and a behind the scenes.
Mon 27 November 2023
August Fix-it!
During our recent Fix-It Week ๐ ๏ธ๐, our dedicated team put in a tremendous effort to address and resolve over 107 issues affecting our systems.
Tue 08 August 2023
Enhanced Attack Surface Detection: Introducing Faster Scans, Mobile App Attack Surface, and Improved Navigation Features
Significant improvements made to the attack surface detection platform, such as advanced asset filtering, search features, quick action buttons, and bulk asset import; it also mentions the ability to track mobile applications' attack surfaces, faster scanning speeds, and a new scan insights feature providing actionable security feedback.
Where are all these 3rd party SDKs sending my users' data? ๐จ
Ostorlabโs new features are laser-focused on helping teams understand, track and search their attack surface, what attackers are seeing and targeting, and basically what can get an organization hacked.
Latest posts
Ostorlab, top 10 vulnerability management innovators of 2023 by GRC Viewpoint
Ostorlab has been selected as one of the top 10 vulnerability management innovators of 2023 by GRC Viewpoint.
Mon 16 January 2023
2022 at Ostorlab
2022 is a year that brings with it many global challenges, including war, economic uncertainty, and rising inflation in many parts of the world. Despite these challenges, we at Ostorlab are grateful to have had an incredibly successful year.
Tue 03 January 2023
Build you CI/CD pipeline for Mobile Applications with Jenkins, Github Actions and Azure Devops
This article will cover the main challenges when implementing a CI/CD pipeline for mobile applications. We will also provide examples of how you can implement a CI/CD pipeline for Android and iOS applications in the most used Mobile CI/CD tools.
Thu 27 October 2022
Text4Shell (CVE-2022-42889) in Mobile Applications ... should I worry?
CVE-2022-42889 is a vulnerability in the Apache Commons Text Library caused by string interpolation abusing powerful handlers and present in popular application like Amazon Shopping, Udemy and Grammarly. This article goes over the applicability and risk of this vulnerability for Mobile Applications.
Mon 24 October 2022
New Dashboard, Better Insights
As a reflection of the many new capabilities and changes we have made, we have released a new dashboard providing better insights into an organization's security posture.
Thu 20 October 2022
OWASP Mobile Application Verification Standard Support
The Mobile Application Security Verification Standard is an important step toward building secure Mobile Applications. Ostorlab now adds support for generating compliance report for L1, L2 and Resilience levels.
Tue 04 October 2022
Improved Attack Surface Discovery, Mobile and Web Security Scanning
Largest release with improvements to Attack Surface, Open-Source, Mobile and Web scanning and much much more.
Thu 18 August 2022
How did we react to Log4j vulnerability? Read our analysis for mobile applications.
What is the impact of Log4j vulnerability on mobile applications
Mon 20 December 2021
Changelog
View all changesAugust Fix-it!
Tue 08 August 2023