Fortify on Demand Mobile Assessment
Fortify on Demand Mobile Assessment provides a robust solution for securing mobile applications by identifying vulnerabilities before they can be exploited. This comprehensive cloud-based service streamlines the security testing process, ensuring your mobile apps meet the highest standards of security.
You can seamlessly integrate Fortify on Demand Mobile Assessment into your workflow with Appcircle, facilitating easy setup and utilization within your existing development processes.
Prerequisites
Before running the Fortify on Demand Mobile Assessment step, you must complete certain prerequisites, as detailed in the table below:
For iOS (Objective-C / Swift and React Native)
| Prerequisite Workflow Step | Description |
|---|---|
| Xcodebuild for Devices | This step will build your application in ARM architecture and generate an IPA and dSYM file. |
For Android (Java / Kotlin and React Native)
| Prerequisite Workflow Step | Description |
|---|---|
| Android Build | The app required for this step is generated by the Android Build (or alternative build steps). |
| Android Sign | If you create a signed app, you must run this step beforehand to process the output. |
For iOS Flutter
| Prerequisite Workflow Step | Description |
|---|---|
| Xcodebuild for Devices | This step will build your application in ARM architecture and generate an IPA and dSYM file. |
| Flutter Build for iOS | Generates the app required for the Fortify on Demand step. |
For Android Flutter
| Prerequisite Workflow Step | Description |
|---|---|
| Flutter Build for Android | Generates the app required for the Fortify on Demand step. |
| Android Sign | If you create a signed app, you must run this step beforehand to process the output. |
Input Variables
Below is a list of input variables that can be used with this component, along with a description of each.
Avoid hard-coding sensitive information, like tokens and API keys, directly into the step parameters.
We recommend using Environment Variables groups for such sensitive variables.
| Variable Name | Description | Status |
|---|---|---|
$AC_FOD_CLIENT_ID | Authenticating with client credentials. The client credentials are the API keys generated in the portal. | Required |
$AC_FOD_CLIENT_SECRET | Authenticating with client credentials. The client credentials are the API keys generated in the portal. | Required |
$AC_FOD_CLIENT_DATACENTER | Select the datacenter assigned to you upon your onboarding with Fortify on Demand. | Required |
$AC_FOD_ENTITLEMENT_ID | The ID assigned to your current entitlement. You can retrieve this value in the Fortify on Demand portal. | Required |
$AC_FOD_RELEASE_ID | The ID assigned to the created release. This value can be retrieved in the Fortify on Demand portal. | Required |
$AC_FOD_ASSESSMENT_TYPE | Assessment type for this mobile assessment. | Required |
$AC_FOD_FRAMEWORK_TYPE | Framework type for this mobile assessment. | Required |
$AC_FOD_PLATFORM_TYPE | Platform type for this mobile assessment. | Required |
$AC_FOD_FILE_PATH | Full path of the IPA or APK file. | Required |
To access the source code of this component, please use the following link: