DevSecOps Testing with Browserstack | Secured Android, iOS Apps

Learn how to test Runtime Application Self Protecting (RASP) Protected and obfuscated Android & iOS Apps using Perfecto’s mobile testing suite. Appdome is 100% compatible with all leading mobile application test automation solutions used by DevSecOps teams.  Automated testing of secured Android and iOS app helps developers and others rapidly deploy comprehensive mobile app security and fraud prevention with DevSecOps speed and agility.

Testing Appdome-secured Apps using BrowserStack

This knowledge base article covers the steps needed to test Appdome secured Android & iOS mobile apps using BrowserStack mobile test automation suite.

Appdome works with all leading mobile automation testing solutions to help customers achieve comprehensive mobile app security at DevSecOps speed and agility, all within the app’s existing application lifecycle.

Building App on Appdome to Enable BrowserStack testing 

• Build the app with the Disable SELinux Enforcement option disabled (This option is under OS Integrity category)

browserstack.testing.appdome.rasp

 

• Or keep SELinux Enforcement enabled, and use Appdome Threat Events:

appdome.rasp.browserstack.automated.testing

  • Finish building the app with the rest of the features in your use case, apply Context (optional), Sign the app, and download it for BrowserStack. Then add the Appdome-secured app to BrowserStack using the remaining steps below.

Adding Your Appdome-Secured App to BrowserStack for Automated Testing

browserstack.UI.on.appdome
Login to your BrowswerStack account, or Create an account if you don’t already have one.
• Click the Let’s Go button in BrowserStack’s account page.
• Next, you will see a list of iOS and Android devices you can test the app with.

• Click App Live on the top of the page.
• Click Upload next to Uploaded Apps to upload your signed app build.

• Once the app upload completes, choose the device that you would like to test the app with.
• This will start by automatically installing the app on the selected device and then will launch it.

browserstack.automation

• Click through the app on the screen to use it.
o If you have any problems with the app, please re-build the app on Appdome with diagnostic logs enabled under Troubleshooting.

 

troubleshooting.appdome

o Go back to BrowserStack and repeat the app upload steps to run the app with the affected chosen device.
o Click the Kill/Uninstall button on the running app.

 

diagnostics.logs

o Under DEVTOOLS, select All Device Logs and Verbose

 

browserstack.logs

o Clear the log under DEVTOOLS.

o On the device, open the app once more getting to the point where the problem occurred (and take note of the time).

o Click the Download button at the top right-hand corner under DEVTOOLS.
o Set a name for the downloaded log including the time the problem occurred.
o Email this to support@appdome.com complete with details on the problem, device model and OS version used in testing.

Troubleshooting Tips

If you see the message such as: “Application has violated security policies and it will be shut down”, this means that (1) techniques such as emulators, tampering, or reverse engineering are present, and (2) the Fusion Set does not contain Appdome Threat-Events. This is likely because the user is running their automation testing tool in ’emulator testing’ mode, which Appdome protects against.

Automation test tools can typically can be used in two modes: emulator mode and manual mode. If you use your automation test tool in “emulator mode” instead of ‘manual testing’ mode, the Appdome-secured application will not run on the device.

Alan Bavosa

Have a question?

Ask an expert

AvitaMaking your security project a success!