MobSF gives you peace of mind for a price that can't be beat
Use Cases and Deployment Scope
We have a staff app that we use to scan and redeem electronic vouchers that our members earn through casino gameplay. This scanning is deployed through payment devices that are managed by a third party. They require that our app pass through a stringent security check. MobSF is one of the few accepted pieces of penetration testing software.
Pros
- Scan for vulnerabilities
- Scan for bad coding
- Give suggestions on fixes for security issues
Cons
- The UI is not that user friendly
- The documentation could be easier to understand
- An easier method of deploying MobSF would be appreciated
Most Important Features
- Security scan of the app code
- Suggestions on fixes for the vulnerabilities in the code
- The detailed downloadable report that it generates after the scan
Return on Investment
- It has allowed our apps to pass a security vetting requirement of a third party to deploy our app
- We can see where we can improve on the development of our app
- The deployment can take a while, especially with teams not familiar with the software
Alternatives Considered
SonarQube
Other Software Used
SonarQube, Adobe Acrobat Reader DC, Android Studio
