Appknox – mobile security app
As we all know, ‘Security’ is a ‘must have’ benchmark of mobile application quality. Among the list of Start-ups that have been trending in 2015, one is Appknox. It provides great facilities to mobile app developers by providing them with security features.
Headquartered at 71 Ayer Rajah Crescent, Singapore, Appknox was co-founded by Harshit Agarwal, Subho Halder and Prateek Panda, all of them passionate for security and technology, in 2014. It is a Singapore based start-up. The three co-founders met in Orissa, India at KIIT University where they studied together. All were engineers and wanted to somehow reprogram software programs. Interested in breaking codes, they made up their mind to help organizations in making their applications secure. After getting into jobs, they were not warned by their respective companies not to point out weaknesses in their system. Then Appknox happened, having been funded $25k from Singapore’s The Joyful Frog Digital Incubator.
What does Appknox do?
It is an app that can find security issues and vulnerabilities of an app even before the app is released. The tool provided by Appknox is completely automated. In order to test the developed code, the app developer just needs to upload the binary code of his app on Appknox website. Appknox then offers peace of mind to the mobile app developer by finding out any flaws and weaknesses in the scripting code, source code and machine code of the app. The process doesn’t end at just finding flaws; Appknox also helps app developers in fixing any security flaws that are prevalent in their code. Approaching the app from an attacker’s point of view, Appknox can bring vulnerabilities in the network or app to notice. After finding the weaknesses in the code, Appknox prioritizes them according to the level of severity.
The Appknox app keeps on performing security audits regularly on the apps of their customers and also alerts them when new vulnerabilities are encountered. The scanning of the apps take place both before and after of the publishing of these apps.
How Appknox works?
Appknox basically hacks your app before anyone else does. It performs multiple level of scanning and all major platforms are supported.
Static Analysis: It generates results within five minutes.
Dynamic Analysis: It provides real-time results along with user interaction
Behavioral Analysis: More than 85% of the code is covered with high accuracy results
Multiple Platforms: Both Android and iOS platforms are supported
The users are charged as per their application and its source code for detecting the vulnerabilities.
Products and specifications of Appknox
For back end, Python and Shell are used by the Appknox tool and Coffeescript and Less are used for front end. Among the most notable things about Appknox is the fact that the front end and the backend are not connected together and are developed and run independently.
The Back end is used to find any security flaws and is named Sherlock. The name given to it is quite apt. Irene is the name given to the front end which uses Ember as its framework. The front end development team works independent of the back end team and doesn’t need the server to be online during development. The front end and back end deployment processes are also different from each other.
More than 1500 Applications have been audited, more than 100 businesses have been got and more than 9000 threats have been found so far by Appknox and the numbers are surely increasing day by day.
Some of the achievements of Appknox include finding vulnerabilities in top notch software companies like Facebook, Yahoo, Google, Microsoft, Skype and PayPal.