Solutions 
Blog
Contact us
eShard
/
Our Solutions
/
eschecker

esChecker: a MAST by eShard

esChecker combines many years of penetration testing experience with a unique dynamic engine simulating attack techniques, such as reverse-engineering or code tampering. No source code is needed, only the app binary (Android apk or iOS ipa). esChecker provides immediate feedback about the way your app reacts against many hacking techniques. You can now spare your pentest budget for in-depth vulnerability analyses.
Try it now
Download our Brochure

Download the European Mobile Banking App Security Benchmark

Did you know that 80% of Mobile Banking Apps don't have ANY root detection?

We have analysed 120+ European Bank Mobile Apps, looking for protection trends and best practices with esChecker. And we've gathered thousands of test results in this comprehensive report.

Get your free copy
Security Policy - esChecker MAST

What is a MAST?

Mobile Application Security Testing solutions implement security verifications, ideally at the binary level (blackbox approach).

Behind security, it is necessary to set the right questions and pick up the tool corresponding to the following questions:

  • How resilient is a mobile application to attack techniques (reverse engineering, tampering)?
  • How protected is the code, in other words, how many exploitable vulnerabilities?
  • To what extent does my code incorporate malware?
  • How privacy-friendly is my code?
MAST Tool

Testing the mobile app in real conditions

esChecker’s unique DAST (Dynamic Application Security Testing) technology leverages specific resources, such as real devices, to perform testing when the application is running.

In-app protections can take place at different places in your app. Doing so, you can make sure that the application behaves as expected when running critical functions on specific screens.

The hacking approach

Mobile application security is a complex field, and you can’t keep up in following developments in this area. Leave it to our security experts.

esChecker is a SaaS solution whose tests are continuously updated to reflect the hacking techniques. Running the tests on mobile apps will tell you where the weak spots are and it will guide you through improving your app regarding resilience to hacking.

Don’t say it, prove it

Confidence comes by being able to demonstrate you made the right thing.

esChecker's report provides a clear way to show demonstration of compliance from your chosen policy or from a standard like OWASP. Our unique technology encompasses the OWASP Resiliency layer (MASVS-R).

esChecker-MAST

Continuous validation

Turn your DevOps into DevSecOps with continuous integration. Security is an app feature. Make sure to continuously test every new build to avoid protection regressions. We support the most popular CI/CD frameworks: Jenkins, CircleCI, Gitlab, etc.

Automate your security testing

esChecker helps you automate your Mobile Application Security Testing.

Test resilience to attacks

Techniques like debug, code injection, root privileges, …

Investigate code vulnerabilities

Cover misconfigurations, cryptography, storage, …

100% code coverage

Runtime testing is run by replaying a recorded sequence.

Tune your test campaign

Select your test campaign. Set the success criterias.

Test evidence

Video and snapshot are available.

Immediate feedback

In minutes, the tests outcome is given.

Gartner Peer Insight Reviews

Gartner Peer Insight review on esChecker

nbvcx74-03.png

nbvcx74_Plan de travail 1 copie.png

nbvcx74-04.png

Fields of application

DevSecOps

Integrate Security QA early in your Development Process. Don’t wait until your application is live to make the relevant security checks.

Chief Information Security Officer

Take control of the risk management by enforcing a security policy for all mobile app development.

Thought leader

Explore the good practices in a given market and the related technological trends in mobile app security.

Regulation authority

Leverage a MAST tool to request a demonstration of compliance within your ecosystem.

Blog Articles

Software Security

How can OWASP help you define your mobile app security policy?

11 min read
Edit by Balangué Rémy Apr 13, 2022
© eShard 2021. All rights reserved
Privacy policy | Legal Notice
Bâtiment GIENAH
11 avenue de Canteranne
33600 Pessac
France
eShard Nudge
7 rue Gaston de Flotte
13012 Marseille
France
eShard GmbH
Beethovenallee 21
53173 Bonn
Germany
Paya Lebar Quarter
#04-01 Paya Lebar Link
408533
Singapore