Security in Integrated Circuit 
Security in Software 
Our Solutions 
Company 
Blog
Contact us
eShard
/
Our Solutions
/
esChecker

esChecker, your MAST automation companion

Reduce the time wasted to qualify your Mobile Application Protections thanks to pentest automation. The slow, manual days of pentesting mobile applications are over. esChecker is an online tool, combined with a set of APIs and plugins to facilitate your recurring security testing, designed by world-class pentesters.
Try it now
Download the Datasheet

Dynamic Application Security Testing (DAST)

esChecker attacks your apps at runtime to verify if they react as per your Security Policy. By challenging the implemented and/or integrated protection, esChecker gives a Defense Score to the Runtime Application Self-Protection (RASP).

  • Define the critical User Journeys you want to test, to turn DAST into IAST (Interactive Application Security Testing)

  • Works on protected apps: anti emulation, hook detection, root detection, …

  • Video proof of the Dynamic Attacks and the App Defense

Static Application Security Testing (SAST)

esChecker scans the binary to verify if good practices have been implemented:

  • Check calls to untrustful API,
  • Inadequate data storage,
  • Use of deprecated libraries, etc.

Define your own Security Policy

  • Pick the test & attacks you need to run out of our Test Catalogue,
  • Make sure you comply with the regulations and standards you want to meet: OWASP, PSD2, FFIEC, PCI, CWE, NIAP, FISMA, HIPAA, …

OWASP

OWASP defines a set of guidelines to test Mobile Applications Protections in the OWASP Mobile Security Testing Guide (MSTG):

  • Some can be automated: esChecker is here to assist you,
  • Others can’t: that’s on you.

By checking that your code complies with OWASP MASVS, this is a demonstration of quality.

  • Select a campaign suitable to your use case: L1(+R) or L2(+R)
  • OWASP Mobile TOP 10

Automate your pentests

esChecker helps you automate your Mobile Application Security Testing

Dynamic Security Testing

Launch automated attacks (hook, root, Frida, GDB, etc.) in real usage conditions on actual devices.

Static Security Testing

Check if the best practices are in place in your binary (deprecated APIs, unsecure functions, etc.)

Integrated in your CI/CD pipeline

Automate your security qualification during your development lifecycle, with Jenkins, GitLab, etc.

iOS & Android

All your applications deserve to be protected efficiently.

OWASP Guidelines

We help you comply with OWASP recommendations

Full qualification in 30 min

Accelerate your qualification phase and get in report

Our Solution :
Fields of application

DevSecOps

Integrate Security QA early in your Development Process. Don’t wait until your application is live to make the relevant security checks.

Learn more
© eShard 2021. All rights reserved
Privacy policy | Legal Notice
Bâtiment GIENAH
11 avenue de Canteranne
33600 PESSAC
France
7 rue Gaston de Flotte
13012 MARSEILLE
France
#04-01 Paya Lebar Quarter
1 Paya Lebar Link
SINGAPORE 408533
eShard GmbH
Lebacher Str. 4
66113 Saarbrücken
Allemagne