GeneXus Community Wiki
MENU
PAGE INFO
PAGE TOOLS
Add a category
Add a group
CREATE NEW PAGE
TBWelcome
Login
Register
Settings
Change Password
Logout
Search
Recents
i
Text Block
OWASP Top 10 2016 Mobile in GeneXus Applications (Android)
M1: 2016 - Improper Platform Usage
M2: 2016 - Insecure Data Storage
M3: 2016 - Insecure Communication
M4: 2016 - Insecure Authentication
M5: 2016 - Insufficient Cryptography
M6: 2016 - Insecure Authorization
M7: 2016 - Poor Code Quality
M8: 2016 - Code Tampering
M9: 2016 - Reverse Engineering
M10: 2016 - Extraneous Functionality
Page Id
40815
M7: 2016 - Poor Code Quality
This documentation is valid for:
OWASP Documentation
Actions by GeneXus
A debug certificate is used by the application along with the development process and its a requirement to generate a new valid certificate to upload the application to the Play Store on release. The debug certificate is not admitted by the Play Store.
The
Android's debuggable property
is disabled by default.
GeneXus updates third-party libraries to avoid dependencies with known vulnerabilities.
GeneXus implements the exception handling mechanism.
If
GAM
is used this denies default access to functionalities.
Uses
ProGuard
to obfuscate the code.
Actions by Developers
If an extensibility resource is used the developer must control that these products do not have vulnerabilities.
Manage application's certificates accordingly.
Page Id
40822
Next →
NextNode
Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Sure!
No
Additional feedback?
comment
Thank you for your feedback!
Backlinks
See all
Forward links
See all
More from sgrampone
See all
s
BY
sgrampone
EDIT
—
CREATED: 20 SEPTEMBER 2018 05:27 PM -
LAST UPDATE: 2 OCTOBER 2018
02:36 PM
BY
SGRAMPONE