Introduction to Security Testing
Help Documents menu

Introduction to Security Testing

Updated on: 2023-11-23 10:56

Comprehensively assess the security issues of the application, accurately locate the root cause of the problem, present detailed security issue details, and provide code fix suggestions. Security detection includes Android application detection and Android SDK detection.

Detection Services

Android application security testing

Android application security testing covers the testing content of its own security, program source file security, local data storage security, communication data transmission security, identity authentication security, internal data interaction security, HTML5 security, malicious attack prevention ability and other categories, covering a total of 82 assessment items. Through in-depth static detection, dynamic detection, source code scanning and other technologies to comprehensively discover the security problems of Android applications, help repair vulnerabilities and improve application security.

Android SDK security testing

Android SDK security testing covers its own security, local data storage security, internal data interaction security and malicious attack prevention capability, with more than 40 testing points.

Detection Technology

Static testing

Without running the mobile application code, the mobile application program code and configuration files are scanned through control flow and data flow analysis, and a number of content tests are conducted to verify whether the mobile application meets the specifications, security, reliability, maintainability and other indicators through risk & vulnerability scanning, sensitive word detection, advertising plug-in detection, system behavior detection, etc.

Dynamic Detection

WeTest implements dynamic security detection technology based on security sandbox, which provides comprehensive and accurate monitoring of the behavior of using permissions and network access behavior while the app is running, completes the collection and analysis of various sensitive behaviors of the app or its integrated SDK, and prevents personal information from being collected or spread by unlawful elements through unauthorized means.