Frequently Asked Questions

What is the purpose of Mobix?
Mobix is a solution for vulnerability detection and full automation of mobile app security testing.
What is Mobix?
Mobix is a Mobile Application Security Testing (MAST) tool for vulnerability detection and automation of security testing of mobile applications. It detects more than 50 types of vulnerabilities. All vulnerabilities identified during the application scanning are displayed in the Mobix user interface. Mobix provides information on the location of the vulnerability, the severity of the vulnerability, detailed recommendations for fixing it, and most importantly, detailed recommendations for preventing similar vulnerabilities in the future.
What MAST practices does Mobix implement?

Mobix implements the following MAST practices:

  • Byte Code Analysis (BCA) for frontend testing;
  • Static Application Security Testing (SAST) for frontend testing;
  • Interactive Application Security Testing (IAST) for frontend testing;
  • Dynamic Application Security Testing (DAST) for frontend testing;
  • Application Programming Interface Security Testing (API ST) for backend (API) testing.

You can find a detailed description of each practice in the article – MAST practices.

Is Mobix DevOps Ready?
Mobix is DevSecOps ready. It performs fully automated security testing and supports integration with different types of DevOps tools. Mobix has the plugins for native integration with key DevOps tools. Mobix is also ready for custom integrations with other DevOps tools via REST API and CLI.
Where is Mobix hosted?
Mobix is available as SaaS software in the cloud or can be installed on-premises. The on-premises version can be used in big companies. The cloud version allows small and medium-sized companies to use Mobix with the most flexible deployment and licensing.
What test equipment is required for Mobix?
Mobix has no hardware bindings and hence doesn’t require additional test equipment. Mobix runs security testing on Android emulators and iOS simulators which allows testing on multiple simulators/emulators in parallel, i.e. scaling security testing using the same hardware.
What licensing model does Mobix use?
Mobix follows the typical model with licenses per scan, per application, and per year. The price depends on the number of applications scanned and the version of the operating system.
What operating systems does Mobix support?
Android and iOS.
Which standards does Mobix check for compliance?
Mobix checks application compliance with the following standards:

  • MASVS
  • OWASP Mobile Top 10

Many companies have their own internal information security requirements that are mandatory for every application. Using Mobix, a company can create its custom standard and track compliance with it. To do this, Mobix provides a fully functional custom compliance framework.