Using Appdome Automation Testing for Android Apps

Appdome’s Build2Test service for Android apps is designed to support secure, streamlined mobile app testing across the entire development lifecycle. Whether you’re a testing vendor integrating into CI/CD workflows, a mobile development team debugging Android apps, or a QA engineer evaluating profiling exposure before adding security, Build2Test offers a purpose-built path tailored to your use case.

You can test protected apps in environments that typically trigger security alerts—such as automation frameworks, debugging sessions, and profiling tools—without compromising the app’s security posture or requiring changes in the app code. Below, we break down the three core paths available within the Build2Test service.

Build2Test for Vendors

Automated testing is essential for modern DevOps and QA teams working across a wide range of devices and OS versions. However, common automation tools like Magisk or Frida—frequently used in these environments—can trigger false alarms in mobile app security systems, causing apps to crash or terminate unexpectedly.

Appdome’s Build2Test is purpose-built to address this challenge. It automatically detects trusted testing environments—including platforms like SauceLabs, BrowserStack, BitBar, and LambdaTest—and safely disables security alerts that would otherwise interrupt test runs. This ensures smooth, uninterrupted testing of Appdome-secured apps and accelerates secure app delivery in CI/CD workflows.

Built2Test for App Debugging

Debugging tools are commonly used during development to inspect app behavior, troubleshoot issues, and improve performance. However, these tools can also pose serious security risks in production. Attackers may use them to bypass authentication, alter app logic, extract sensitive information, or interfere with security controls.

Appdome’s Build2Test service helps you identify potential security exposures by testing how your Android app behaves in environments where debugging activity may be present. For example, Appdome checks whether your app is configured as debuggable—a condition that makes it easier for attackers to analyze or manipulate your app at runtime.

Built2Test for App Profiling

App profiling is a common technique used during development and testing to monitor app performance, behavior, and system interactions. However, profiling tools can also be exploited to analyze, reverse-engineer, or manipulate an app in unintended ways.

Appdome’s Build2Test service allows you to evaluate how your app behaves in environments where profiling activity is present, identifying potential security gaps or behaviors that may put your app at risk when exposed to inspection or monitoring tools. For example, Appdome detects if Android Developer Options are enabled—an indicator that the device may be set up for deeper system access, which can increase the risk of profiling or reverse engineering.

Appdome’s Build2Test service can be used in either of the following ways:

• Via Appdome DEV-API.
• Via Appdome’s Console (see the instructions below)

Use Build2Test Service via the Appdome Console

Before You Begin

• Any events encountered when testing the selected service will not raise alarms and notifications. With Appdome’s Build2Test service, Appdome’s in-app defense model recognizes the unique signature of the selected testing service and allows for easy testing without issuing a security alert or forcing the app to exit, even if these services use tools such as Magisk or Frida.
• Ensure you have the following:
  • Appdome account.
  • An Appdome version supporting the Build2Test service. If your current version doesn’t support the feature, contact Appdome Support.
  • Appdome SRM license.
  • A license for Build2Test.
  • Mobile App (APK/AAB).
  • Signing Credentials

Step by Step:

1. Log in to your Appdome account. 
2. Upload your app (.apk or .aab file) to the Appdome platform. 
3. Click the green arrow next to “Build My App” and click Built2Test.
   
   
4. Select the relevant option from the dropdown menu: Vendors, App Debugging, or App Profiling.
   
   
5. Click Built2Test My App. 
6. Optional: After the build is successfully completed, you can add context to the app. The context addition is exclusively applicable to the test environment, namely, to the specific device using the selected service. To add context, click Add Context2Test.
   
7. Sign the app by clicking Sign2Test. The signing is exclusively applicable to the test environment.
   

Related Articles:

• How to Use Secure Android & iOS Apps in GitHub CI/CD
• How to use Appdome-Build-2Secure Orb for CircleCI
• How to Secure Android & iOS Apps in GitLab CI/CD Pipelines

How Do I Learn More?

If you have any questions, please send them our way at support.appdome.com or via the chat window on the Appdome platform.

Thank you!

Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.