- Supports app security test (including pre-installed apps and apps installed
by the user) on Android mobile devices.
- Supports packet capture to apps of Android and iOS mobile devices. When the
investigator conduct operation on the app manually, AppDetector will capture
packets of the app, then analyze packet related connections to tell whether
there are any information security risks.
- Utilizes non-invasive method (i.e. does not require installation of any apps
or software to target mobile device) when acquiring basic information of
target mobile device. The above-mentioned information includes: model №,
IMEI, OS version, etc.
- Supports risk level evaluation to the target mobile device. The risk levels
are as follow: High, Medium, Low, Safe.
- Supports “Quick Examination” and “Full Examination” mode. “Quick
Examination” will verify the apps of target mobile device with the
information of internal database (which is based on the results of
previously extracted and analyzed apps); “Full Examination”, on the other
hand, starts a new, complete examination to all apps of target mobile
device.
- Supports extraction of the app APK file(s) from target mobile device and
supports examination of multiple APK files. AppDetector will also verify the
apps’ information (e.g. package name, version, other information) and hash
value of the APK file (or the APK file itself) to the information of
external database. Investigator will get the result once the search and
verification process are done.
- AppDetector can turn on the app(s) of target mobile device and conduct
packet capture. AppDetector will also analyze the connection behaviors
within the packets (e.g. connection IP address, port №, and other
information); AppDetector will search, verify those connection behaviors
with information of external database. Investigator will get the result once
the search and verification process are done.
- Supports risk level verification of packet network connection, in which App
detector will conduct information security risk verification to IPs and
URLs.
- Supports app risk level evaluation and black/white list function based on
the result(s) sent back from external database. AppDetector will also mark
the blacklisted apps as “abnormal” and show warning notification.
- Supports manual entry and remarking of specific apps or connection to the
black/white list of internal database; AppDetector also supports data import
from external database to internal database.
- Supports visualization of examination results with statistical
charts/graphs, for example, pie chart of the percentage of the
examined/analyzed apps’ risk levels.
|