← Visit bitrise.io

Detect app vulnerabilities with the Oversecured Step

Oversecured joins our rapidly growing partnership program as the first Verified Step focusing on app security. Scan your apps before they go to production, detect known vulnerabilities, and protect your user’s data from the comfort of your favorite CI/CD service.

Oversecured joins our rapidly growing partnership program as the first Verified Step focusing on app security. Scan your apps before they go to production, detect known vulnerabilities, and protect your user’s data from the comfort of your favorite CI/CD service.

Oversecured currently supports Android apps written in Java and Kotlin. As a vulnerability scanner, it detects issues and groups them by severity. You can also do a quick assessment thanks to the summarized statistics at the beginning of each report.

Oversecured incident summary

Vulnerability statistics from the Oversecured sample report

How it works

By adding Oversecured to your Workflow you can scan each new version of your app automatically, and fix vulnerabilities at the earliest stages of development.

Once the APK file is uploaded to the service, it automatically scans for all known mobile vulnerabilities, including arbitrary code execution, theft of arbitrary files, and cross-site scripting. As a result, it generates a report that can be exported as a PDF file for a detailed overview.

The report starts with a quick summary of the findings and risk ratings: each category has a detailed explanation in terms of risk and recommendations, ordered by the level of risk and containing a list of vulnerabilities. Each vulnerability contains a listing of the mobile app code that leads to the vulnerability.

Try Oversecured

Oversecured is now available on Bitrise, so head to your dashboard, and add the Step to your Workflow if you can to give it a try. The first five scans are free! 🎉

  1. Open the Workflow Editor.
  2. Click the + plus icon to add a new Step.
  3. Search for Oversecured.
  1. Fill out the Oversecured API key and Oversecured Integration ID fields.
  2. If the path to the APK file is non-standard, enter it in the A Bitrise generated APK path field.

Check out the official documentation here.

Bitrise Verified Steps are official integrations developed and maintained by the service owner. If you'd like to know more about our Verified Step Program and create your Verified Step, read more about it here.

share this article
Twitter icon
Janos Vrancsik
Partnership Manager
Product Updates
-
min read
PUBLISHED:
February 17, 2021
LAST UPDATED :
May 17, 2021
verified steps
share this article
Twitter icon
The Mobile DevOps Newsletter

Explore more topics

App Development

Learn how to optimize your mobile app deployment processes for iOS, Android, Flutter, ReactNative, and more

Browse
App Development

Bitrise & Community

Check out the latest from Bitrise and the community. Learn about the upcoming mobile events, employee spotlights, women in tech, and more

Browse
Bitrise & Community

Mobile App Releases

Learn how to release faster, better apps on the App Store, Google Play Store, Huawei AppGallery, and other app stores

Browse
Mobile App Releases

Mobile DevOps

Learn Mobile DevOps best practices such as DevOps for iOS, Android, and industry-specific DevOps tips for mobile engineers

Browse
Mobile DevOps

Mobile Testing & Security

Learn how to optimize mobile testing and security — from automated security checks to robust mobile testing and more.

Browse
Mobile Testing & Security

Product Updates

Check out the latest product updates from Bitrise — Build Insights updates, product news, and more.

Browse
Product Updates

Other bits from Bitrise

insights

App Performance Monitoring with Rasmus Larsson

webinars

Ship healthier code with Codecov and Bitrise

whitepapers

How to skip code freezes and release with confidence instead

podcast

Bitrise User Group #6

The Mobile DevOps Newsletter

Join 1000s of your peers. Sign up to receive Mobile DevOps tips, news, and best practice guides once every two weeks.