SOLUTIONS
> Side Channel Analysis
Ready-to-use side channel tools to assess cryptography algorithms.
> Laser & EM Fault Injection
Make sure your chip withstands different techniques of physical fault injections.
> Firmware Security Analysis
Qualify embedded code binaries without physical devices and benches.
> Security Failure Analysis
Photoemission analysis to explore internal information in a chip.
> Vulnerability Research
Dynamic analyses at a system level for investigating potential vulnerabilities.
TECHNOLOGIES
> Data Science Platform
esDynamic is a complete data focused platform to leverage the know-how of your team for complex analyses.
> esFirmware Engine
Assess the security of the firmware of IoT devices against logical and physical attacks.
> REVEN Engine
Record and replay vulnerability researches within reverse engineering processes and tools.
PROFESSIONAL SERVICES
> Cybersecurity Training
Grow your expertise with training modules driven by a coach.
EXPERTISE
> Mobile App Security
Know the threats and risks of your Mobile App.
> DevSecOps
Integrate the security protections verification in your CI/CD pipeline.
SOLUTIONS
> Automated Mobile App Security Testing
esChecker SaaS: automating the security testing of your mobile app binary.
> Mobile App Penetration Testing
Testing the resiliency of your Mobile App, SDK or RASP tool.
> Backend Penetration Testing
Testing the resiliency of your Web App, API or Backend Systems.
PROFESSIONAL SERVICES
> Coaching for Mobile App Developers
Providing insights into the mobile app threats and how attackers work by a learning-by-doing approach.
OUR COMPANY
> Our offices
> Events
CARREERS
> Meet our experts
> Open positions
Join our team!
FOLLOW US
Twitter
Linkedin
Youtube
Github
Gitlab
esChecker: a Mobile Application Security Testing by eShard
Download the European Mobile Banking App Security Benchmark
Did you know that 80% of Mobile Banking Apps don't have ANY root detection?
We have analysed 120+ European Bank Mobile Apps, looking for protection trends and best practices with esChecker. And we've gathered thousands of test results in this comprehensive report.
What is a Mobile Application Security Testing?
Mobile Application Security Testing solutions implement security verifications, ideally at the binary level (blackbox approach).
Behind security, it is necessary to set the right questions and pick up the tool corresponding to the following questions:
- How resilient is a mobile application to attack techniques (reverse engineering, tampering)?
- How protected is the code, in other words, how many exploitable vulnerabilities?
- To what extent does my code incorporate malware?
- How privacy-friendly is my code?
Testing the mobile app in real conditions
esChecker’s unique DAST (Dynamic Application Security Testing) technology leverages specific resources, such as real devices, to perform testing when the application is running.
In-app protections can take place at different places in your app. Doing so, you can make sure that the application behaves as expected when running critical functions on specific screens.
The hacking approach
Mobile application security is a complex field, and you can’t keep up in following developments in this area. Leave it to our security experts.
esChecker is a SaaS solution whose tests are continuously updated to reflect the hacking techniques. Running the tests on mobile apps will tell you where the weak spots are and it will guide you through improving your app regarding resilience to hacking.
Don’t say it, prove it
Confidence comes by being able to demonstrate you made the right thing.
esChecker's report provides a clear way to show demonstration of compliance from your chosen policy or from a standard like OWASP. Our unique technology encompasses the OWASP Resiliency layer (MASVS-R).
Continuous validation
Turn your DevOps into DevSecOps with continuous integration. Security is an app feature. Make sure to continuously test every new build to avoid protection regressions. We support the most popular CI/CD frameworks: Jenkins, CircleCI, Gitlab, etc.
Automate your security testing
esChecker helps you automate your Mobile Application Security Testing.
Test resilience to attacks
Investigate code vulnerabilities
100% code coverage
Tune your test campaign
Test evidence
Immediate feedback
Fields of application
Integrate Security QA early in your Development Process. Don’t wait until your application is live to make the relevant security checks.
Take control of the risk management by enforcing a security policy for all mobile app development.
Explore the good practices in a given market and the related technological trends in mobile app security.
Leverage a MAST tool to request a demonstration of compliance within your ecosystem.
Gartner Peer Insight Reviews
"[...] Using their tool esChecker at each step of your app development helps you make a 360 review of the security of your app in a few minutes. Just need to adjust your evaluation criteria on a self-made basis, creating scenarios as required, depending on your context or your security objectives, and you're ready to run the tool.
No doubt: a powerful tool for customers, and an amazing help for developpers!"
"eShard MAST turned out to be a nice complement to our mobile offering.
Our customers were enthusiastic about the technology and how much they learnt about mobile app security by using eShard's tool.
The DAST is particularly above any other solution, as far as we know. And it seems that more is about to come"
"I've been in contact with eShard for almost a year and I have been really impressed with their solution.
It is simple to use but the technology behind the scene is brillant and efficient. Moreover, since the beginning of our conversation, the solution has evolved quickly and I'm sure they will be able to help more companies to evaluate their app against the different issue a mobile app can face."
"We were impressed by the state-of-the-art technologies and techniques that eShard's consultants used when conducting penetration testing on our products.
[...] Within esChecker, the eShard team has included their years of experience in mobile application vulnerability testing in an automated testing package that is easy to use and provides detailed vulnerability information."
