February 1, 2023

    How to activate Advanced Analysis in your AppSweep Project

    As of v2.0, AppSweep now comes with a brand new feature: advanced analysis, to further improve vulnerability detection in your projects.

    Advanced analysis enhances vulnerability detection by relying on a more comprehensive flow, for example, for data and functionality leakage or proper cryptography use.

    Advanced analysis enables the following new findings:

    • Detect user input flowing into class loaders or interpreters.
    • Detect sensitive user data being written to disk.
    • Detect sensitive user data being written to IPC mechanism.
    • Detect sensitive user data being written to logs.
    • Detect sensitive information written into a notification.
    • Detect sensitive user data being sent to the Internet.
    • Detect insecure passwords for the certificate keystores.

    Advanced analysis highly enhances the detection of vulnerabilities in your builds, but in some instances, it can lead to longer scan times. Advanced analysis is not enabled by default for all AppSweep projects.

    If advanced analysis has not been automatically enabled for one of your projects, you will see a notification for your build, shown below:

    ActivateAdvancedAnalysis

    Advanced analysis can be enabled at the project level only. If you navigate to General Settings for your project, you can enable or disable the advanced analysis to suit your preference:

    AdvancedAnalysis2

    Et voila, advanced analysis activated, let us know your feedback!

    Tag(s): Appsweep Help

    Irene Corn - Digital Product Manager

    Discover how Guardsquare provides industry-leading protection for mobile apps.

    Request Pricing

    Other posts you might be interested in