Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-6658

Vulnerability scanning for mobile apps

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: Normal Normal
    • None
    • None
    • None
    • False
    • None
    • False

      1. Proposed title of this feature request

      • Vulnerability scanning for mobile apps

      2. What is the nature and description of the request?

      • Will RHACS support vulnerabilities scanning for mobile apps?

      3. Why does the customer need this? (List the business requirements here)

      • Customers are currently using RHACS in their CI pipelines as a validation step after the build phase and before publishing the produced artifacts in their Nexus repository. The CI pipeline is usually producing a docker image that is scanned by ACS for known vulnerabilities. This is working very well for dockerized components relying on Quarkus, JBoss EAP or Apache.
      • They are now in the process of building a new mobile banking app which will be composed of Android native code, iOS native code and a Hybrid part based on Angular. For the hybrid part, they can perfectly use RHACS for vulnerability scanning as it is some sort of web application based on Angular and packaged in a Docker container. But for the native apps, they are built with Kotlin for Android and Swift and Swift UI for iOS and of course they are not packaged in Docker containers.
      • Customers would like to know if RHACS supports vulnerabilities scanning and SCA for mobile apps?

      4. List any affected packages or components.

      • ACS

              sbadve@redhat.com Shubha Badve
              rhn-support-rdey Ronit Dey
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: