IBM® MobileFirst® Platform Application Scanning helps organizations lower costs and reduce risk exposure by identifying mobile application source code vulnerabilities early in the software development lifecycle, so they can be fixed before deployment.

IBM MobileFirst Platform Application Scanning integrates application security testing into your software development lifecycle. It offers enhanced mobile application scanning capabilities and supports testing for mobile applications, which include support for JavaScript, HTML5, Cordova, Java and Objective-C. IBM MobileFirst Platform Application Scanning also provides integration with IBM MobileFirst Studio and the ability to scan Worklight applications.

IBM MobileFirst Platform Application Scanning can enable:

  • Stronger and more complete software security through integration with IBM Security AppScan®
  • Improved intelligence through integration with existing tools and processes such as application development, build integration and security monitoring
  • Security best practices through optional management and enforcement of security policies
  • Governance and compliance assurance that address security requirements and best practices

Stronger and more complete software security

  • Identifies security vulnerabilities and defects in source code during early stages of the application lifecycle when they are inexpensive to remediate
  • Builds automated security into development by integrating security source code analysis with automated scanning during the build process
  • Scans, triages and manages security policies; prioritizes assignment of results to security teams for vulnerability remediation
  • Delivers fast scans of more than one million lines of code per hour; scans even the most complex enterprise applications
  • Extends security analysis to Android and Apple iOS mobile applications

Improved intelligence through integration

  • Integrates with defect tracking systems (DTS), software configuration management and build management tools
  • Provides increased security intelligence through correlation of static analysis results with dynamic analysis results
  • Accommodates a broad portfolio of large and complex applications across a wide range of languages
  • Is built on open architecture to protect your existing investments