AppSweep allows developers to analyze their mobile apps for potential security issues. This process can be automated by triggering the analysis from within your Continuous Integration (CI) pipeline with Bitrise.
For this, we have built a Bitrise step that will automatically fetch your built application and then upload it to AppSweep. Doing so enables you to continuously scan your application for security issues, without any manual steps.
Before diving into the integration with Bitrise, you should create an API key for your project. This can be easily done inside your project’s settings page in AppSweep. Once you have created such a key, save it for use in a later step of this tutorial.
To upload your application to AppSweep, you need to have our Gradle plugin installed in your app build. When using our Bitrise integration, the plugin is injected automatically into your Gradle configuration so you don’t have to worry about it as long as your project has a default structure.
However, you can also install the Gradle plugin yourself using our documentation.
To learn how to:
- Automate the scanning process with a GitHub action workflow
- Install the AppSweep App on your GitHub account
- View AppSweep scan results in GitHub
Check out our full blog Integrating AppSweep and GitHub to Automate Your Mobile App Security Testing.