Oversecured joins our rapidly growing partnership program as the first Verified Step focusing on app security. Scan your apps before they go to production, detect known vulnerabilities, and protect your user’s data from the comfort of your favorite CI/CD service.
Oversecured currently supports Android apps written in Java and Kotlin. As a vulnerability scanner, it detects issues and groups them by severity. You can also do a quick assessment thanks to the summarized statistics at the beginning of each report.
Vulnerability statistics from the Oversecured sample report
How it works
By adding Oversecured to your Workflow you can scan each new version of your app automatically, and fix vulnerabilities at the earliest stages of development.
Once the APK file is uploaded to the service, it automatically scans for all known mobile vulnerabilities, including arbitrary code execution, theft of arbitrary files, and cross-site scripting. As a result, it generates a report that can be exported as a PDF file for a detailed overview.
The report starts with a quick summary of the findings and risk ratings: each category has a detailed explanation in terms of risk and recommendations, ordered by the level of risk and containing a list of vulnerabilities. Each vulnerability contains a listing of the mobile app code that leads to the vulnerability.
Oversecured is now available on Bitrise, so head to your dashboard, and add the Step to your Workflow if you can to give it a try. The first five scans are free! 🎉
- Open the Workflow Editor.
- Click the + plus icon to add a new Step.
- Search for Oversecured.
- Fill out the Oversecured API key and Oversecured Integration ID fields.
- If the path to the APK file is non-standard, enter it in the A Bitrise generated APK path field.
Check out the official documentation here.
Bitrise Verified Steps are official integrations developed and maintained by the service owner. If you'd like to know more about our Verified Step Program and create your Verified Step, read more about it here.