App-Ray

App-Ray logo

An X-Ray for apps

Uncertain whether installing some app on your smart phone is a good idea?

App-Ray takes a look inside your apps and helps you understand what they really do.

In fully automated tests, App-Ray analyzes apps and highlights vulnerabilities, data leaks, and privacy breaches.

App-Ray is for ...

  • IT Managers
    • Know the threat level of every single app
    • Check apps before rolling them out to your employees
  • Security professionals
    • Massively speed up security evaluations
    • Get an overview of the capabilities, flaws, and threats of an app
    • First things first. Identify the most critical parts of an app automatically
  • Developers and DevOps
    • Test apps for compliance with your quality and security standards
    • Find data leaks and vulnerability before your customers do
    • Increase confidence by reporting security standards of your apps to customers
    • Complement functional tests with automated in-depth security inspections

Inside your apps

  • Discover security flaws
    • Exploits and malicious code
    • Remote code execution via 3rd-party libraries
    • Publicly accessible components and files
    • Incorrect usage of encryption
  • Learn about data usage and leaks of an app
    • Data sources and sinks
    • Information leaks and loss of data
  • See if security best practices are applied
    • Encrypted communication and data storage
    • Protection against tapjacking
  • Be aware of user tracking and advertising capabilities
    • Libraries which track your location and behavior
    • Crash reporters revealing your private data
    • Aggressive advertisements
  • Get detailed information for your manual security evaluation
    • Code structure: Classes, Methods, Call graphs
    • Permissions, Interfaces, Components
  • Receive clear customized reports
    • Evaluation according to your security requirements
    • Clear overview report, detailed inspection results
  • and much more

See it in Action

Interested in App-Ray?

App-Ray comes in two flavors: hosted and on Site

Hosted

  • Scan your own Apps
  • Overview of Threats
  • Detailed Findings
  • Cloud Based Service
  •  


More Info

On Site

  • Scan your own Apps
  • Overview of Threats
  • Access to Raw Data
  • Customized Tests
  • On Site Installation


More Info
The Hosted license is intended for security professionals and pentesters.
App-Ray saves hours of repetitive work and provides detailed analysis data.

Get started immediately and focus on your strengths, instead of routine tasks.

  • Define your own security requirements and check apps against them
  • Get access to all detailed analysis results
  • Use App-Ray with the hassle-free web interface
  • Updates and bug fixes will be applied regularly
For Corporate customers, we provide full control over App-Ray with our on site installation.

Integrate App-Ray into your IT infrastructure or Mobile Device Management (MDM) solution and set up a Trusted AppStore.

  • Tests can be tailored to your individual security criteria
  • Access raw results for programmatic evaluation and integration into your development chain
  • Integration into your existing IT infrastructure
  • Updates and bug fixes on a regular basis


If you are interested or need further information, please do not hesitate to contact us:

Access the demo

An online demo of App-Ray is available for a closed user group. If you have retrieved a demo account, click here to get started.

About Us

Julian Schütte

Julian graduated from Technical University of Darmstadt in 2007 with a Diploma (equiv. MS) in Computer Science and a focus on IT security. In 2013, he received his doctorate from Technical University of Munich based on his studies on security policy frameworks for distributed and dynamic service architectures.
Since 2007 he is working for Fraunhofer where he is conducting research on secure mobile systems. Since 2013, he is co-leading a research group for service & application security. Besides his research activities, Julian pursues the development of tools which allow people to use complex technology in a secure and easy way.

www Xing LinkedIn

Dennis Titze

Dennis graduated from Technical University of Munich in 2012 with a Master of Science in Computer Science and a focus on IT security.
Since 2012 he is working for Fraunhofer AISEC where he is doing his PhD in the context of information flow analysis.
Besides his PhD studies he is conducting research on secure mobile systems and on automated application analysis.

LinkedIn