Automate Dynamic Analysis on iOS with an Xcode Test Suite
The accuracy and speed of Enterprise and/or Prime scans can be enhanced by using your mobile team's existing Xcode Unit Tests (XCTest) or Xcode UI Tests (XCUITest) for dynamic analysis of an iOS application.
The dynamic scanner can be run along with the application's test suite in order to ensure that the application's code and screens covered by the test suite are scanned for security and privacy issues. This allows Data Theorem to leverage your mobile team's deep knowledge of the application in order to run the security scans on the most important application flows.
In order to leverage this feature, either the application's Xcode Unit Tests or Xcode UI Tests should be compiled and sent to the Data Theorem. The following steps describe this process in more details.
Step-by-step guide: Unit Tests
- In Xcode, activate your unit-testing scheme, and set the build target to 'Generic iOS Device'.
- Click Product->Build For->Testing. Alternatively, run xcodebuild build-for-testing
- Open the 'Products' folder in the Xcode project navigator
- Right-click `<app name>.app` in the 'Products' folder, and click 'Show in Finder'
- Right-click`<app name>.app` in Finder. Click 'Show Package Contents'
- Navigate to the 'PlugIns' subfolder
- Copy the file titled <app name>Tests.xctest and send it to support@datatheorem.com
Step-by-step guide: UI Tests
- In Xcode, activate your UI testing scheme and then set the build target to 'Generic iOS Device'.
- Select Product -> Build For -> Testing.
- Alternatively, run ‘xcodebuild build-for-testing’ on the command line
- Open the 'Products' folder in the Xcode project navigator.
- Right-click <app name>.app, and select 'Show in Finder'
- Next to your app in Finder, there will be an app called ‘<app name>UITests-Runner.app.’
- Right-click, and click 'Show Package Contents'
- Navigate to the 'PlugIns' subfolder
- Copy the file titled <app name>UITests.xctest and send it to support@datatheorem.com
Related articles