HackerOne vs. Mobile Security Framework (MobSF)

HackerOne

Mobile Security Framework (MobSF)

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
HackerOne	Score 7.1 out of 10	N/A	HackerOne is a hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be exploited, from the company of the same name in San Francisco. The service is used for vulnerability location, pen testing, bug bounty, and vulnerability triage services.	N/A
Mobile Security Framework (MobSF)	Score 8.0 out of 10	N/A	Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. MobSF support mobile app binaries (APK, IPA & APPX) along with zipped source code and provides REST APIs for integration with CI/CD or DevSecOps pipeline. The Dynamic Analyzer helps you to perform runtime security assessment and interactive instrumented testing.	N/A

Pricing

HackerOne

Mobile Security Framework (MobSF)

Editions & Modules

No answers on this topic

Offerings

Pricing Offerings
HackerOne	Mobile Security Framework (MobSF)
Free Trial
No	No
Free/Freemium Version
No	No
Premium Consulting/Integration Services
No	No

Entry-level Setup Fee

No setup fee

Additional Details

For more information please email www.hackerone.com/contact or find us on the AWS Marketplace: https://aws.amazon.com/marketplace/seller-profile?id=10857e7c-011b-476d-b938-b587deba31cf

—

More Pricing Information

Community Pulse
	HackerOne	Mobile Security Framework (MobSF)
Top Pros	Pro Easy to use Pro Working with large Pro Beautifully designed	No answers on this topic
Top Cons	Minus No easy Minus No easy way Minus End user	No answers on this topic

Best Alternatives
	HackerOne	Mobile Security Framework (MobSF)
Small Businesses	No answers on this topic	No answers on this topic
Medium-sized Companies	No answers on this topic	Veracode Score 8.5 out of 10
Enterprises	No answers on this topic	Veracode Score 8.5 out of 10
All Alternatives	View all alternatives	View all alternatives

User Ratings
	HackerOne	Mobile Security Framework (MobSF)
Likelihood to Recommend	7.0 (2 ratings)	8.0 (1 ratings)

User Testimonials
	HackerOne	Mobile Security Framework (MobSF)
Likelihood to Recommend	HackerOne It is one of the good platforms for security researchers to submit bugs and other vulnerabilities, it however, has some challenges, in terms of un-verified and duplicate submissions. Incentivized Jugpreet Talwar Technical Intern Read full review	Open Source MobSF is good for checking for vulnerabilities in your app. It will also give suggestions on how to address them. Another thing is can do is find code that may be incorrect. It is not, however, a substitute for a system that actually checks your code for proper use. It really is concentrated on security. Incentivized FD Francis de Castro Business User Engagement Manager Read full review
Pros	HackerOne Filter for spammy bug reports Nice central interface Payment/reward system is nice Incentivized Verified User Anonymous Read full review	Open Source Scan for vulnerabilities Scan for bad coding Give suggestions on fixes for security issues Incentivized FD Francis de Castro Business User Engagement Manager Read full review
Cons	HackerOne A lot of duplicate bugs get reported, although it does offer automatic suggestion of previously reported bugs that may be duplicates, it is far from perfect. Anyone can report bugs, a lot of them are not verified before submission. This sometimes leads to a lot of time spent in verifying if the bug is really actionable. Each submission has to be treated with equal potential, a lot of time, some time gets invested in vulnerabilities that aren't as important as some others. Incentivized Jugpreet Talwar Technical Intern Read full review	Open Source The UI is not that user friendly The documentation could be easier to understand An easier method of deploying MobSF would be appreciated Incentivized FD Francis de Castro Business User Engagement Manager Read full review
Alternatives Considered	HackerOne These were very close and we liked HackerOne better. For a time we did have both and we felt the need to consolidate the information into one platform and end of life our internal offering. Overall we've been fairly happy with HackerOne. Incentivized Verified User Anonymous Read full review	Open Source In my opinion, MobSF is not as comprehensive as SonarQube. Both, however, do a very good job in scanning your code for vulnerabilities. Both do roughly the same things. The reports of SonarQube are more detailed though. The advantage that MobSF has over SonarQube is the price. One is free while the other is a paid solution (with several tiers). However, we use them together to get a more comprehensive scan. Incentivized FD Francis de Castro Business User Engagement Manager Read full review
Return on Investment	HackerOne Bugs that can't be tracked internally are submitted by external researchers, which is an important factor for security vulnerabilities. Even if the bugs reported are duplicates, there still is provision to award reputation points, that keep the researchers engaged. It also requires a lot of verification and validation, as a lot of the submissions are unverified to begin with. Incentivized Jugpreet Talwar Technical Intern Read full review	Open Source It has allowed our apps to pass a security vetting requirement of a third party to deploy our app We can see where we can improve on the development of our app The deployment can take a while, especially with teams not familiar with the software Incentivized FD Francis de Castro Business User Engagement Manager Read full review
ScreenShots