DevSecOps Testing Android, iOS Apps Using Perfecto
Learn how to test Runtime Application Self Protecting (RASP) Protected and obfuscated Android & iOS Apps using Perfecto’s mobile testing suite. Appdome is 100% compatible with all leading mobile application test automation solutions. Automated testing of secured Android and iOS app helps developers and others rapidly deploy comprehensive mobile app security and fraud prevention with DevSecOps speed and agility.
DevSecOps Testing with Perfecto | Secured Android, iOS Apps
This knowledge base article covers the steps needed to test Appdome secured Android & iOS mobile apps using Perfecto’s mobile test automation suite.
Secure the App Using Appdome
First, build your Android app with Appdome’s no-code mobile app security and/or fraud prevention protections.
For Android apps, make sure that the “Detect Developer Options” is NOT enabled on Appdome (Android Developer Options are required in order to use Perfecto’s testing platform).
In order to use Perfecto, it is recommended that you enable Appdome Threat Events for Anti-Tampering, as shown below:
Select the device you want to run your test on. Double-click to select the device.
After opening the chosen device, press the Apps icon and select +INSTALL NEW
Select the app you previously uploaded, then in the CONFIGURE APP tab, check “Resign application” and uncheck “Launch after installing”, then click INSTALL APP.
Wait for the installation to complete. Then Launch your test app and run your test manually.
You can view the mobile device logs by pressing the Logs icon:
If you see the message such as: “Application has violated security policies and it will be shut down”, this means that (1) techniques such as emulators, tampering, or reverse engineering are present, and (2) the Fusion Set does not contain Appdome Threat-Events. This is likely because the user is running Perfecto in ’emulator testing’ mode, which Appdome protects against.
Perfecto can be used in one of two modes: emulator testing or manual testing. Using Perfecto in “emulator mode” will trigger Appdome’s ONEShield app hardening protection. Therefore you should use manual mode (ie: real mobile devices) to test Appdome-secured apps.
Also, you should avoid enabling Perfecto’s “Instrumentation” options, as this will also trigger Appdome’s protections.
Have a question?
Ask an expert
GilMaking your security project a success!
Get Your Copy
2021 Global Mobile