TrustRadius: an HG Insights company

esChecker

Get a Demo

What is esChecker?

esChecker: a MAST by eShard

esChecker combines years of penetration testing experience with a dynamic engine simulating attack techniques. No source code is needed, only the app binary (Android apk or iOS ipa). It takes 30 minutes to find out how an app reacts against many hacking techniques, so that the user can now reserve pentest budget to in-depth vulnerability analyses.

What is a MAST?

Mobile Application Security Testing solutions implement security verifications, ideally at the binary level (blackbox approach). Behind security, it is necessary to set the right questions and pick up the tool corresponding to the following questions:

  • How resilient is a mobile application to attack techniques (reverse engineering, tampering)?
  • How protected is the code, in other words, how many exploitable vulnerabilities?
  • To what extent does my code incorporate malware?
  • How privacy-friendly is my code?

esChecker’s DAST (Dynamic Application Security Testing) technology leverages specific resources, such as real devices, to perform testing when the application is running. In-app protections can take place at different places in an app. Doing so, users can make sure that the application behaves as expected when running critical functions on specifi screens.


Categories & Use Cases

Videos

Screenshots

Screenshot of esChecker offers default preset campaigns, according to OWASP standards: MASVS L2+R, MASVS L2, MASVS L1+R and MASVS L1. Users can also choose to create custom campaign to match internal security policies.
Screenshot of With its Record and Replay feature, esChecker allows users to browse deep in app screens to target critical user journeys. This ensures that the performed attacks are triggered on the right screens. After a testing session, users can play the video recording of a given test and see how the app reacted.
Screenshot of After a full app test session, users are able to understand how strong an application is in: Application Reverse Engineering Protection, Application Misconfiguration and Application Vulnerabilities.
Screenshot of The testing report guides the user through the OWASP MASVS to help understand where an application requires more work to be properly protected. This report can be used internally, or externally to show evidence of compliance.
Screenshot of The app Defense Score can be used to and compare an app’ results. To help monitor the application’s security protections evolution, esChecker provides a centralized, and graphic overview of the test results.

1 / 5

Screenshot of esChecker offers default preset campaigns, according to OWASP standards: MASVS L2+R, MASVS L2, MASVS L1+R and MASVS L1. Users can also choose to create custom campaign to match internal security policies.

Technical Details

Technical Details
Deployment TypesSaaS
Mobile ApplicationNo
Supported LanguagesEnglish, Spanish, Portuguese, French

FAQs

What are esChecker's top competitors?
Pradeo and NowSecure are common alternatives for esChecker.