Mobile Vulnerability Analysis
Discover zero-day vulnerabilities automatically and at scale
Automated vulnerability discovery by Kryptowire
Discovering vulnerabilities can be cumbersome, error-prone, and costly when your employees’ devices have hundreds of third-party applications, updates, and libraries that are exposed to software vulnerabilities and zero-day threats on a daily basis. A single insecure device may result in irreparable data losses, compromised networks, and millions of dollars in damages to your enterprise.
The traditional approach of using manual penetration testing is too costly and time consuming to keep up with the large number of devices and updates deployed in modern organizations. To solve this problem, Kryptowire has developed an automated vulnerability discovery and exploit generation engine that scales easily to cover every device, application, and update in your enterprise inventory. Our tool has been used to discover and document over 145+ CVEs in the last year alone and is now available for commercial use.
More detailed view of our automation
This PDF will give you a deeper dive in to our automated system that reports vulnerabilities.
How kryptowire’s automatic scan works
1. Mobile Apps & Firmware Collection
Mobile Apps and Firmware images are collected and processed by the App analysis system using a cloud or on-premise appliance.
2. Vulnerabilities Discovered
The automated system reports vulnerabilities with the type (e.g. command execution) and all necessary data to generate a proof of concept.
3. Exploits Generated
An analyst leverages the output of the automated system to validate and generate Proof of Concept exploits. The POCs can be tested and validated in live environments.
Automatically Scan Pre-Installed Android Apps for Security Vulnerabilities.
See our FIRMSCOPE presentation at the 29th USENIX Security Symposium. August 12–14, 2020.
For more technical details download the USENIX Security Symposium.
The EU General Data Protection Regulation (GDPR) is in effect as of May 25, 2018. Are your mobile apps GDPR complaint?