In recent years, the national regulatory authorities have paid more attention to the security of personal information and strengthened their supervision. They have successively issued such documents as the self-assessment guide for the illegal collection and use of personal information by app, the identification method for the illegal collection and use of personal information by app, and the basic specification for the collection of personal information by app (the latest draft) Establish a special app governance working group to regularly report violations, which means that the compliance collection and use of personal information has risen to the regulatory level. App development enterprises attach great importance to and respond to this, conduct self-examination of APP privacy compliance as soon as possible, and make reasonable rectification for non-compliance.
Through in-depth study of various app privacy compliance specifications / guidelines, PayEgis has developed its own compliance detection products, using a static analysis engine based on symbol execution and a dynamic detection engine based on running sandbox to conduct a comprehensive privacy compliance check throughout the use of mobile applications, aiming to help users quickly and accurately detect sensitive authority calls in the app, and To ensure the privacy and security of app.
One-stop application security service in the whole life cycle
In strict accordance with the national and industry issued personal information behavior management norms/guidelines, self-developed privacy security testing engine, efficient testing, authoritative and reliable results.
The detection scope covers vulnerability risk, authorization call, sensitive behavior, third-party SDK risk analysis and other aspects, and the multidimensional data comprehensive analysis ensures that the detection content is comprehensive.
Detection supports a variety of modes such as silent detection, whole-process automated testing, and multi-analysis and judgment, and the detection duration can be set flexibly to meet the requirements of different business scenarios.
Provide a complete detection path, screen capture and other basis, and automatically generate a complete report of authority call events, violations of sensitive behavior, application risks, etc.