New Tools Speed Mobile App Security Testing
At this week's Cebit trade show in Hanover, Germany, three different tools that promise to speed up the process of finding security flaws in mobile apps were on display. Two of them—Appicaptor and App-Ray—are ready for use, and the third—CodeScan—is still a prototype. All are made by the Fraunhofer Institute for Secure Information Technology.
Eric Bodden from the Fraunhofer Institute explained that existing tools can find security problems in apps, but they usually take a long time to do their work. "We aim to do that degree of analysis in a few milliseconds, as you save your code," said Bodden. He added, "Most errors are in the misuse of APIs or in the area of data flow."