Appicaptor
Framework for App Analyses
Which apps are your employees allowed to install on company tablets and smartphones? Allowing your employees to use apps indiscriminately jeopardizes your company’s security. The lack of sufficient IT security expertise among many app developers often leads to unintended security gaps. Although the various app stores check for malware, they do not consider the specific app security features and their correct implementation. To address this issue, Fraunhofer SIT as developed »Appicaptor«, an automated analysis framework that assesses whether apps comply with customer-specific IT security policies.
For companies and public authorities, mobile devices offer flexibility but also present considerable risks. Untested apps pose a major threat. They often contain security vulnerabilities or flawed implementation of basic security features. For greater efficiency, many app developers rely on third-party components, which can cause errors to spread across numerous applications. Cybercriminals can exploit these vulnerabilities in a targeted manner, for example to steal passwords or access sensitive business information. Because widely used apps with poor security are easier to exploit than distributing malicious software directly, even popular apps may present significant risks to enterprises and government agencies. At the same time, the demands for protecting sensitive data are increasing.
Range of Services
- App tests with cyclic update of the respective app security assessment
- Recommendation of safer apps depending on their functionality and safety requirements
- Concepts for the secure use of mobile devices (integrated mobile device management)
- Technical consultation
- IT security guidelines
- Providing app recommendation lists (whitelist / blacklist)
- Support in secure app development
- Automatic basic tests and compliance checks
- In-depth manual app vulnerability analyses
- Expert tests of app binaries and app source code audits
- Development of concepts, procedures and tools for IT securityesting of mobile services and devices
For requesting a sample report send an email to an appicaptor@sit.fraunhofer.de
Contact
Dr. Jens Heider
Head of Testlab Mobile Security
64295 Darmstadt
News
- 25.09.2025
Interactive App Security Reports – Powered by AI - 6.02.2025
Apple’s Required Reason API: Aftermath after one year in practice - 7.10.2024
Visit us at it-sa 2024: Threats of Device Fingerprinting for Enterprises - 5.06.2024
iOS Privacy Manifest: Data Collection and Usage in Top Free iOS Apps - 17.05.2024
Vulnerable Third-Party Libraries in Mobile Apps - 16.04.2024
iOS Privacy Manifest: Empowering Data Privacy Evaluation - 13.02.2024
Security Implications of Apple ID Switching and Keychain Merging in COPE Mobile Environments - 9.10.2023
Trivial Bypass of iOS MDM Restrictions Apple doesn’t fix
More Information
Project Support
Investment into your future
The investments for this development were co-financed by the EC’s European Regional Development Fund and the State of Hesse.