Appicaptor

Framework for App Security Tests

Which apps are safe to install on the company tablet or smartphone? Allowing staff to use apps indiscriminately may endanger the company’s own security. Many app developers do not have sufficient IT security knowledge, which frequently leads to inadvertent vulnerabilities. App stores may check for malware, but specific app security features and their correct implementation are not subject to verification. Fraunhofer SIT has developed the »Appicaptor« test framework with exactly this scenario in mind, giving enterprises an opportunity to automatically check whether apps are compliant with their IT security policy.

iOS and Android
»Appicaptor« analyzes apps automatically and generates an individual test report for the enterprise for each app and each operating system. These management reports are also understandable to people without deep IT security knowledge. The system issues a warning when vulnerabilities or the insecure use of sensitive data are detected, or automatically and immediately integrates the results of the analysis into the Enterprise Mobility Management System. Since apps are often revised and new insights emerge concerning weaknesses and implementation errors, »Appicaptor« also repeats the tests regularly, thus constantly evaluating the security features based on the latest technological knowledge.

Range of Services

  • App tests with cyclic update of the respective app security assessment
  • Recommendation of safer apps depending on their functionality and safety requirements
  • Concepts for the secure use of mobile devices (integrated mobile device management)
  • Technical consultation
  • IT security guidelines
  • Providing app recommendation lists (whitelist / blacklist)
  • Support in secure app development
  • Automatic basic tests and compliance checks
  • In-depth manual app vulnerability analyses
  • Expert tests of app binaries and app source code audits
  • Development of concepts, procedures and tools for IT security testing of mobile services and devices

To request a sample report, send an email to appicaptor@remove.this.sit.fraunhofer.de